On Mon, 4 Jul 2022 at 18:38, Will Deacon <will@xxxxxxxxxx> wrote: > > On Mon, Jul 04, 2022 at 10:34:07PM +0800, guanghui.fgh wrote: > > Thanks. > > > > 在 2022/7/4 22:23, Will Deacon 写道: > > > On Mon, Jul 04, 2022 at 10:11:27PM +0800, guanghui.fgh wrote: ... > > > > Namely, it's need to use non block/section mapping for crashkernel mem > > > > before shringking. > > > > > > Well, yes, but we can change arch_kexec_[un]protect_crashkres() not to do > > > that if we're leaving the thing mapped, no? > > > > > I think we should use arch_kexec_[un]protect_crashkres for crashkernel mem. > > > > Because when invalid crashkernel mem pagetable, there is no chance to rd/wr > > the crashkernel mem by mistake. > > > > If we don't use arch_kexec_[un]protect_crashkres to invalid crashkernel mem > > pagetable, there maybe some write operations to these mem by mistake which > > may cause crashkernel boot error and vmcore saving error. > > I don't really buy this line of reasoning. The entire main kernel is > writable, so why do we care about protecting the crashkernel so much? The > _code_ to launch the crash kernel is writable! If you care about preventing > writes to memory which should not be writable, then you should use > rodata=full. > This is not entirely true - the core kernel text and rodata are remapped r/o in the linear map, whereas all module code and rodata are left writable when rodata != full. But the conclusion is the same, imo: if you can't be bothered to protect a good chunk of the code and rodata that the kernel relies on, why should the crashkernel be treated any differently?
