* Removal of the kernel code/data/bss resources does break kexec/kdump
@ 2016-04-14 10:14 Freeman Zhang
2016-04-14 11:07 ` Emrah Demir
2016-04-14 11:26 ` Baoquan He
0 siblings, 2 replies; 13+ messages in thread
From: Freeman Zhang @ 2016-04-14 10:14 UTC (permalink / raw)
To: torvalds; +Cc: ed, kexec
Mr. Torvalds,
I do notice your recent commit:
> commit c4004b02f8e5b9ce357a0bb1641756cc86962664
> Author: Linus Torvalds <torvalds@linux-foundation.org>
> Date: Wed Apr 6 13:45:07 2016 -0700
>
> x86: remove the kernel code/data/bss resources from /proc/iomem
>
> Let's see if anybody even notices. I doubt anybody uses this, and it
> does expose addresses that should be randomized, so let's just remove
> the code. It's old and traditional, and it used to be cute, but we
> should have removed this long ago.
>
> If it turns out anybody notices and this breaks something, we'll have to
> revert this, and maybe we'll end up using other approaches instead
> (using %pK or similar). But removing unnecessary code is always the
> preferred option.
Removal of these information causes 'kexec/kdump' to fail in the newer
kernel, as 'kexec/arch/i386/crashdump-x86.c' is coded this way:
/* Read kernel physical load addr from the file returned by proc_iomem()
* (Kernel Code) and store in kexec_info */
static int get_kernel_paddr(struct kexec_info *UNUSED(info),
struct crash_elf_info *elf_info)
{
...
if (parse_iomem_single("Kernel code\n", &start, NULL) == 0) {
elf_info->kern_paddr_start = start;
dbgprintf("kernel load physical addr start = 0x%016Lx\n",
(unsigned long long)start);
return 0;
}
fprintf(stderr, "Cannot determine kernel physical load addr\n");
return -1;
}
Should we revert this commit, or update kexec/kdump code?
Great respect!
Freeman
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply [flat|nested] 13+ messages in thread* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-14 10:14 Removal of the kernel code/data/bss resources does break kexec/kdump Freeman Zhang @ 2016-04-14 11:07 ` Emrah Demir 2016-04-14 17:40 ` Linus Torvalds 2016-04-14 11:26 ` Baoquan He 1 sibling, 1 reply; 13+ messages in thread From: Emrah Demir @ 2016-04-14 11:07 UTC (permalink / raw) To: Freeman Zhang; +Cc: kexec, torvalds On 2016-04-14 06:14, Freeman Zhang wrote: > Mr. Torvalds, > > I do notice your recent commit: > >> commit c4004b02f8e5b9ce357a0bb1641756cc86962664 >> Author: Linus Torvalds <torvalds@linux-foundation.org> >> Date: Wed Apr 6 13:45:07 2016 -0700 >> >> x86: remove the kernel code/data/bss resources from /proc/iomem >> >> Let's see if anybody even notices. I doubt anybody uses this, and it >> does expose addresses that should be randomized, so let's just remove >> the code. It's old and traditional, and it used to be cute, but we >> should have removed this long ago. >> >> If it turns out anybody notices and this breaks something, we'll have >> to >> revert this, and maybe we'll end up using other approaches instead >> (using %pK or similar). But removing unnecessary code is always the >> preferred option. > > Removal of these information causes 'kexec/kdump' to fail in the newer > kernel, as 'kexec/arch/i386/crashdump-x86.c' is coded this way: > > > /* Read kernel physical load addr from the file returned by > proc_iomem() > * (Kernel Code) and store in kexec_info */ > static int get_kernel_paddr(struct kexec_info *UNUSED(info), > struct crash_elf_info *elf_info) > { > ... > > if (parse_iomem_single("Kernel code\n", &start, NULL) == 0) { > elf_info->kern_paddr_start = start; > dbgprintf("kernel load physical addr start = 0x%016Lx\n", > (unsigned long long)start); > return 0; > } > > fprintf(stderr, "Cannot determine kernel physical load addr\n"); > return -1; > } > > > Should we revert this commit, or update kexec/kdump code? > Ubuntu also has some issues with this patch. I think there are several issue that hasn't been noticed. It would be better you to revert this patch. Updating kexec/kdump might not solve this problem. Kees Cook proposed to write a %pK formatted patch. This would solve most of the problems. https://lkml.org/lkml/2016/4/14/18 Best regards! Emrah Demir _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-14 11:07 ` Emrah Demir @ 2016-04-14 17:40 ` Linus Torvalds 2016-04-14 20:27 ` Emrah Demir 0 siblings, 1 reply; 13+ messages in thread From: Linus Torvalds @ 2016-04-14 17:40 UTC (permalink / raw) To: Emrah Demir; +Cc: Freeman Zhang, kexec On Thu, Apr 14, 2016 at 4:07 AM, Emrah Demir <ed@abdsec.com> wrote: > > Kees Cook proposed to write a %pK formatted patch. This would solve most of > the problems. Actually, %pK is horrible in /proc and /sys files, and does the wrong thing. It uses the current creds for deciding what to do, which is exactly the wrong thing (for all the usual reasons) for a file access from a security standpoint. Sadly, almost every use of %pK gets this wrong. Thankfully, it's much less of a problem for reads than for writes, but it's still wrong. A file access should use "file->f_cred", but the seq_file interface sadly doesn't expose any way to do that. I'll take a look, but it's non-trivial to get right. %pK turns out to have been seriously mis-designed, and is basically almost always a bug. Linus _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-14 17:40 ` Linus Torvalds @ 2016-04-14 20:27 ` Emrah Demir 2016-04-15 1:02 ` Linus Torvalds 0 siblings, 1 reply; 13+ messages in thread From: Emrah Demir @ 2016-04-14 20:27 UTC (permalink / raw) To: Linus Torvalds; +Cc: Freeman Zhang, linus971, kexec On 2016-04-14 13:40, Linus Torvalds wrote: > > Actually, %pK is horrible in /proc and /sys files, and does the wrong > thing. > I agree with that, but for now there is no way to make things right in /proc or /sys. > > A file access should use "file->f_cred", but the seq_file interface > sadly doesn't expose any way to do that. > > I'll take a look, but it's non-trivial to get right. %pK turns out to > have been seriously mis-designed, and is basically almost always a > bug. > > Linus In another way, maybe it's good to remove code dependencies on /proc sensitive files like /proc/iomem. Kees Coook: "it looks like at least Ubuntu's kernel security test suite expects to find these entries (when it verifies that STRICT_DEVMEM hasn't regressed)" Freeman Zhang: "Removal of these information causes 'kexec/kdump' to fail in the newer kernel" Removing such dependencies would make things better and code/bss/data sections could be removed. _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-14 20:27 ` Emrah Demir @ 2016-04-15 1:02 ` Linus Torvalds 2016-04-15 4:41 ` Kees Cook 2016-04-19 9:04 ` Dave Young 0 siblings, 2 replies; 13+ messages in thread From: Linus Torvalds @ 2016-04-15 1:02 UTC (permalink / raw) To: Emrah Demir Cc: Kees Cook, Baoquan He, Freeman Zhang, kexec, Zhengyu Zhang, Dave Young On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed@abdsec.com> wrote: > On 2016-04-14 13:40, Linus Torvalds wrote: >> >> >> Actually, %pK is horrible in /proc and /sys files, and does the wrong >> thing. > > I agree with that, but for now there is no way to make things right in /proc > or /sys. Well, there is now. I've pushed out my attempt at fixing things properly. Please check that kexec works - and if kexec ends up reading that file as non-root, I don't know what to say/do. Here's the three relevant cases: cat /proc/iomem sudo cat /proc/iomem sudo cat < /proc/iomem and two of them will now show the resource ranges as just plain zeroes. But yes, it needed extra infrastructure to be able to get this right. Note that while %pK is always wrong in /proc and /sys files, in this case it would have been particularly wrong, since the values can be 64-bit even on a 32-bit architecture, so trying to show them as pointers would have gotten not just the capability handling wrong, it would have truncated a 64-bit value to 32 bits in that case. Linus _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-15 1:02 ` Linus Torvalds @ 2016-04-15 4:41 ` Kees Cook 2016-04-15 15:46 ` Emrah Demir 2016-04-19 9:04 ` Dave Young 1 sibling, 1 reply; 13+ messages in thread From: Kees Cook @ 2016-04-15 4:41 UTC (permalink / raw) To: Linus Torvalds Cc: Baoquan He, Freeman Zhang, Kexec Mailing List, Zhengyu Zhang, Emrah Demir, Dave Young On Thu, Apr 14, 2016 at 6:02 PM, Linus Torvalds <torvalds@linux-foundation.org> wrote: > On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed@abdsec.com> wrote: >> On 2016-04-14 13:40, Linus Torvalds wrote: >>> >>> >>> Actually, %pK is horrible in /proc and /sys files, and does the wrong >>> thing. >> >> I agree with that, but for now there is no way to make things right in /proc >> or /sys. > > Well, there is now. > > I've pushed out my attempt at fixing things properly. Please check > that kexec works - and if kexec ends up reading that file as non-root, > I don't know what to say/do. > > Here's the three relevant cases: > > cat /proc/iomem > sudo cat /proc/iomem > sudo cat < /proc/iomem > > and two of them will now show the resource ranges as just plain > zeroes. But yes, it needed extra infrastructure to be able to get this > right. > > Note that while %pK is always wrong in /proc and /sys files, in this > case it would have been particularly wrong, since the values can be > 64-bit even on a 32-bit architecture, so trying to show them as > pointers would have gotten not just the capability handling wrong, it > would have truncated a 64-bit value to 32 bits in that case. Yup, that's why I was saying I was going to try to cook something up for -next. It isn't a trivial change. :) Thanks for fixing it up! -Kees -- Kees Cook Chrome OS & Brillo Security _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-15 4:41 ` Kees Cook @ 2016-04-15 15:46 ` Emrah Demir 2016-04-15 16:48 ` Linus Torvalds 0 siblings, 1 reply; 13+ messages in thread From: Emrah Demir @ 2016-04-15 15:46 UTC (permalink / raw) To: Kees Cook Cc: Baoquan He, Freeman Zhang, Kexec Mailing List, Zhengyu Zhang, Linus Torvalds, keescook, Dave Young [-- Attachment #1: Type: text/plain, Size: 1041 bytes --] On 2016-04-15 00:41, Kees Cook wrote: > On Thu, Apr 14, 2016 at 6:02 PM, Linus Torvalds > <torvalds@linux-foundation.org> wrote: >> On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed@abdsec.com> wrote: >>> On 2016-04-14 13:40, Linus Torvalds wrote: >> I've pushed out my attempt at fixing things properly. Please check >> that kexec works - and if kexec ends up reading that file as non-root, >> I don't know what to say/do. >> >> Here's the three relevant cases: >> >> cat /proc/iomem >> sudo cat /proc/iomem >> sudo cat < /proc/iomem >> >> and two of them will now show the resource ranges as just plain >> zeroes. But yes, it needed extra infrastructure to be able to get this >> right. >> > > Yup, that's why I was saying I was going to try to cook something up > for -next. It isn't a trivial change. :) Thanks for fixing it up! > file_ns_capable bring some problems. I used capable and now there is no problem as far as I tested. It'is attached. Note: I couldn't write "Noted-by:, Reported-by:" Could you write them [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: 0001-proc-iomem-only-expose-physical-resource-addresses-t.patch --] [-- Type: text/x-diff; name=0001-proc-iomem-only-expose-physical-resource-addresses-t.patch, Size: 1918 bytes --] From 3f17bf8b1e9e129cdaf478a9e83a648b27f6fe73 Mon Sep 17 00:00:00 2001 From: Emrah Demir <ed@abdsec.com> Date: Fri, 15 Apr 2016 18:34:12 +0300 Subject: [PATCH] /proc/iomem: only expose physical resource addresses to top user fixing capability MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In commit 51d7b120418e99d6b3bf8df9eb3cc31e8171dee4 file_ns_capable used in order to show value as 0, but while building some problems coming up. kernel/resource.c: In function ‘r_show’: kernel/resource.c:116:23: error: ‘struct seq_file’ has no member named ‘file’ if (file_ns_capable(m->file, &init_user_ns, CAP_SYS_ADMIN)) { ^ scripts/Makefile.build:291: recipe for target 'kernel/resource.o' failed make[1]: *** [kernel/resource.o] Error 1 so instead of file_ns_capable using capable solves problem. It's now working. ltr@reces-0:~$ cat /proc/iomem 00000000-00000000 : reserved 00000000-00000000 : System RAM 00000000-00000000 : reserved 00000000-00000000 : PCI Bus 0000:00 00000000-00000000 : Video ROM 00000000-00000000 : Adapter ROM 00000000-00000000 : reserved root@reces-0:/home/ltr# cat /proc/iomem 00000000-00000fff : reserved 00001000-0009dbff : System RAM 0009dc00-0009ffff : reserved 000a0000-000bffff : PCI Bus 0000:00 000c0000-000cedff : Video ROM 000cf000-000cffff : Adapter ROM 000e0000-000fffff : reserved Signed-off-by: Emrah Demir <ed@abdsec.com> --- kernel/resource.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/resource.c b/kernel/resource.c index c7727db..52a27e3 100644 --- a/kernel/resource.c +++ b/kernel/resource.c @@ -113,7 +113,7 @@ static int r_show(struct seq_file *m, void *v) if (p->parent == root) break; - if (file_ns_capable(m->file, &init_user_ns, CAP_SYS_ADMIN)) { + if (capable(CAP_SYS_ADMIN)) { start = r->start; end = r->end; } else { -- 2.8.0.rc3 [-- Attachment #3: Type: text/plain, Size: 143 bytes --] _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-15 15:46 ` Emrah Demir @ 2016-04-15 16:48 ` Linus Torvalds 2016-04-15 17:08 ` Emrah Demir 0 siblings, 1 reply; 13+ messages in thread From: Linus Torvalds @ 2016-04-15 16:48 UTC (permalink / raw) To: Emrah Demir Cc: Kees Cook, Baoquan He, Freeman Zhang, Kexec Mailing List, Zhengyu Zhang, Kees Cook, Dave Young On Fri, Apr 15, 2016 at 8:46 AM, Emrah Demir <ed@abdsec.com> wrote: > > file_ns_capable bring some problems. No it does not. file_ns_capable() is _required_ for security. We have had several security issues with file IO doing "capable()", and it's wrong and insecure. > I used capable and now there is no problem as far as I tested. You just screwed up the security, and with your change, a suid application can be fooled into making the hidden data available to non-secure users. "capable()" is wrong. For file reading, you *have* to use file_ns_capable(). It really is that simple. You should not test the capabilities of the process, you should be testing the capabilities of the file descriptor, which comes from the *open-time* capabilities. It sounds like you applied just the patch to kernel/resource.c, without applying the infrastructure patch. You also need commit 34dbbcdbf633 ("Make file credentials available to the seqfile interfaces"). Linus _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-15 16:48 ` Linus Torvalds @ 2016-04-15 17:08 ` Emrah Demir 0 siblings, 0 replies; 13+ messages in thread From: Emrah Demir @ 2016-04-15 17:08 UTC (permalink / raw) To: Linus Torvalds Cc: Kees Cook, Baoquan He, Freeman Zhang, linus971, Kexec Mailing List, Zhengyu Zhang, Kees Cook, Dave Young On 2016-04-15 12:48, Linus Torvalds wrote: > On Fri, Apr 15, 2016 at 8:46 AM, Emrah Demir <ed@abdsec.com> wrote: >> >> file_ns_capable bring some problems. > > No it does not. file_ns_capable() is _required_ for security. We have > had several security issues with file IO doing "capable()", and it's > wrong and insecure. Of course file_ns_capable() is required, I didn't know you made some changes in include/linux/seq_file.h file >> I used capable and now there is no problem as far as I tested. > > You just screwed up the security, and with your change, a suid > application can be fooled into making the hidden data available to > non-secure users. > Sorry for screwing up the security. I would never wish to do that. As you said a suid application could screw up things. > "capable()" is wrong. For file reading, you *have* to use > file_ns_capable(). It really is that simple. You should not test the > capabilities of the process, you should be testing the capabilities of > the file descriptor, which comes from the *open-time* capabilities. > > It sounds like you applied just the patch to kernel/resource.c, > without applying the infrastructure patch. > > You also need commit 34dbbcdbf633 ("Make file credentials available to > the seqfile interfaces"). > Yeah, you are right. I didn't see that commit. It's okay now. Thank you! -Emrah _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-15 1:02 ` Linus Torvalds 2016-04-15 4:41 ` Kees Cook @ 2016-04-19 9:04 ` Dave Young 2016-04-19 16:20 ` Linus Torvalds 1 sibling, 1 reply; 13+ messages in thread From: Dave Young @ 2016-04-19 9:04 UTC (permalink / raw) To: Linus Torvalds Cc: Kees Cook, Baoquan He, Freeman Zhang, kexec, Zhengyu Zhang, Emrah Demir On 04/14/16 at 06:02pm, Linus Torvalds wrote: > On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed@abdsec.com> wrote: > > On 2016-04-14 13:40, Linus Torvalds wrote: > >> > >> > >> Actually, %pK is horrible in /proc and /sys files, and does the wrong > >> thing. > > > > I agree with that, but for now there is no way to make things right in /proc > > or /sys. > > Well, there is now. > > I've pushed out my attempt at fixing things properly. Please check > that kexec works - and if kexec ends up reading that file as non-root, > I don't know what to say/do. > Checked kexec/kdump, for kdump it will read /proc/kcore, /proc/kcore is root only thus it will be fine with the changes. Though in the comment of kexec_load syscall it says "for obvious reasons only root may call it", but in the code it is using: if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) return -EPERM; So for kexec CAP_SYS_BOOT is enough, not necessarily to be root. It is not clear how to handle it, maybe we can assume nobody is using it as non-root, leave it as is or just add |CAP_SYS_BOOT for /proc/iomem? Thanks Dave _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-19 9:04 ` Dave Young @ 2016-04-19 16:20 ` Linus Torvalds 2016-04-20 1:13 ` Dave Young 0 siblings, 1 reply; 13+ messages in thread From: Linus Torvalds @ 2016-04-19 16:20 UTC (permalink / raw) To: Dave Young Cc: Kees Cook, Baoquan He, Freeman Zhang, Kexec Mailing List, Zhengyu Zhang, Emrah Demir On Tue, Apr 19, 2016 at 2:04 AM, Dave Young <dyoung@redhat.com> wrote: > > It is not clear how to handle it, maybe we can assume nobody is using it as > non-root, leave it as is or just add |CAP_SYS_BOOT for /proc/iomem? Pretty much nobody uses fine-grained capabilities anyway - they are one of those bad security things that generally add more complexity than value(*) - so I wouldn't worry about it unless you actually find something that cares. Linus (*) The one exception tends to be certain network services that can use CAP_NET_BIND_SERVICE like things to really lower their attack surface. But certainly not one-time things like kexec. _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-19 16:20 ` Linus Torvalds @ 2016-04-20 1:13 ` Dave Young 0 siblings, 0 replies; 13+ messages in thread From: Dave Young @ 2016-04-20 1:13 UTC (permalink / raw) To: Linus Torvalds Cc: Kees Cook, Baoquan He, Freeman Zhang, Kexec Mailing List, Zhengyu Zhang, Emrah Demir On 04/19/16 at 09:20am, Linus Torvalds wrote: > On Tue, Apr 19, 2016 at 2:04 AM, Dave Young <dyoung@redhat.com> wrote: > > > > It is not clear how to handle it, maybe we can assume nobody is using it as > > non-root, leave it as is or just add |CAP_SYS_BOOT for /proc/iomem? > > Pretty much nobody uses fine-grained capabilities anyway - they are > one of those bad security things that generally add more complexity > than value(*) - so I wouldn't worry about it unless you actually find > something that cares. Agreed that leaving it as is should be fine according to you said about fine-grained capabilities usage. Thanks Dave _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: Removal of the kernel code/data/bss resources does break kexec/kdump 2016-04-14 10:14 Removal of the kernel code/data/bss resources does break kexec/kdump Freeman Zhang 2016-04-14 11:07 ` Emrah Demir @ 2016-04-14 11:26 ` Baoquan He 1 sibling, 0 replies; 13+ messages in thread From: Baoquan He @ 2016-04-14 11:26 UTC (permalink / raw) To: Freeman Zhang; +Cc: kexec, ed, torvalds On 04/14/16 at 06:14pm, Freeman Zhang wrote: > Mr. Torvalds, > > I do notice your recent commit: > > > commit c4004b02f8e5b9ce357a0bb1641756cc86962664 > > Author: Linus Torvalds <torvalds@linux-foundation.org> > > Date: Wed Apr 6 13:45:07 2016 -0700 > > > > x86: remove the kernel code/data/bss resources from /proc/iomem > > > > Let's see if anybody even notices. I doubt anybody uses this, and it > > does expose addresses that should be randomized, so let's just remove > > the code. It's old and traditional, and it used to be cute, but we > > should have removed this long ago. > > > > If it turns out anybody notices and this breaks something, we'll have to > > revert this, and maybe we'll end up using other approaches instead > > (using %pK or similar). But removing unnecessary code is always the > > preferred option. > > Removal of these information causes 'kexec/kdump' to fail in the newer > kernel, as 'kexec/arch/i386/crashdump-x86.c' is coded this way: Yes, kdump need this to construct the program header of elf file for kernel text because users want kernel text included in /proc/vmcore. Now kexec utility relies on /proc/iomem to get the phisical addr of _text. Without /proc/iomem we may need to pass it out or take other ways. > > > /* Read kernel physical load addr from the file returned by proc_iomem() > * (Kernel Code) and store in kexec_info */ > static int get_kernel_paddr(struct kexec_info *UNUSED(info), > struct crash_elf_info *elf_info) > { > ... > > if (parse_iomem_single("Kernel code\n", &start, NULL) == 0) { > elf_info->kern_paddr_start = start; > dbgprintf("kernel load physical addr start = 0x%016Lx\n", > (unsigned long long)start); > return 0; > } > > fprintf(stderr, "Cannot determine kernel physical load addr\n"); > return -1; > } > > > Should we revert this commit, or update kexec/kdump code? > > > Great respect! > Freeman > > _______________________________________________ > kexec mailing list > kexec@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/kexec _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec ^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2016-04-20 1:13 UTC | newest] Thread overview: 13+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2016-04-14 10:14 Removal of the kernel code/data/bss resources does break kexec/kdump Freeman Zhang 2016-04-14 11:07 ` Emrah Demir 2016-04-14 17:40 ` Linus Torvalds 2016-04-14 20:27 ` Emrah Demir 2016-04-15 1:02 ` Linus Torvalds 2016-04-15 4:41 ` Kees Cook 2016-04-15 15:46 ` Emrah Demir 2016-04-15 16:48 ` Linus Torvalds 2016-04-15 17:08 ` Emrah Demir 2016-04-19 9:04 ` Dave Young 2016-04-19 16:20 ` Linus Torvalds 2016-04-20 1:13 ` Dave Young 2016-04-14 11:26 ` Baoquan He
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox