On 2016-04-15 00:41, Kees Cook wrote: > On Thu, Apr 14, 2016 at 6:02 PM, Linus Torvalds > <torvalds at linux-foundation.org> wrote: >> On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed at abdsec.com> wrote: >>> On 2016-04-14 13:40, Linus Torvalds wrote: >> I've pushed out my attempt at fixing things properly. Please check >> that kexec works - and if kexec ends up reading that file as non-root, >> I don't know what to say/do. >> >> Here's the three relevant cases: >> >> cat /proc/iomem >> sudo cat /proc/iomem >> sudo cat < /proc/iomem >> >> and two of them will now show the resource ranges as just plain >> zeroes. But yes, it needed extra infrastructure to be able to get this >> right. >> > > Yup, that's why I was saying I was going to try to cook something up > for -next. It isn't a trivial change. :) Thanks for fixing it up! > file_ns_capable bring some problems. I used capable and now there is no problem as far as I tested. It'is attached. Note: I couldn't write "Noted-by:, Reported-by:" Could you write them -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-proc-iomem-only-expose-physical-resource-addresses-t.patch Type: text/x-diff Size: 1918 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/kexec/attachments/20160415/6793cdb9/attachment.bin>
