* Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote: > On Fri, Jul 01, 2011 at 02:58:02PM +0200, Ingo Molnar wrote: > > So what was not mentioned in your series, what is *your* motivation > > and your usecase? Enabling closed-source userspace drivers? Enabling > > the crash utility? > > He stated it pretty clearly in the thread, it's the crash utility. True. I only re-read the first patch and forgot about the resulting discussion. Sorry Petr! > > If the former then shame on you, if the latter then how do you > > explain that distros appear to disable the RAM aspect of > > /dev/mem: > > > > $ grep DEVMEM $(rpm -ql kernel-2.6.38-0.rc7.git2.3.fc16.x86_64 | grep config-2.6 ) > > CONFIG_STRICT_DEVMEM=y > > > > So the crash utility use-case does not work on unpatched, default > > kernels, right? > > Not if you have highmem. That's why Redhat or Fedora to quote your > example patch in the /dev/crash driver, which totally defeats the > CONFIG_STRICT_DEVMEM setting. But apparently it's good enough that no > one either noticed or at least doesn't care. After initial modules have loaded i essentially disable crash.ko via /proc/sys/kernel/modules_disabled so rootkits have to work a bit harder than that. But yeah, crash.ko is a rootkit-and-other-badness-enabler as it stands today. Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-ia64" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html