Dne P? 1. ?ervence 2011 16:46:41 Ingo Molnar napsal(a):

* Christoph Hellwig [off-list ref] wrote:

quoted

On Fri, Jul 01, 2011 at 04:37:35PM +0200, Ingo Molnar wrote:

quoted

After initial modules have loaded i essentially disable crash.ko
via /proc/sys/kernel/modules_disabled so rootkits have to work a
bit harder than that.

Not sure for fedora as I don'[t have a kernel tree at hand right
now, but for x86 systems at least RHEL6 has the module built in.
[...]

Fedora Rawhide has it modular:

 # grep CRASH /boot/config-2.6.38-0.rc7.git2.3.fc16.x86_64
 CONFIG_CRASH=m

 # rpm -ql kernel-2.6.38-0.rc7.git2.3.fc16.x86_64 | grep crash
 /lib/modules/2.6.38-0.rc7.git2.3.fc16.x86_64/kernel/drivers/char/crash.ko

quoted

[...]  Either way we'll need some way to support crash properly in
mainline, preferably in a boot-time opt-in way. [...]

Yes, boot-time opt-in was what i suggested.

quoted

[...] I'd tend slightly toward optionally enabling /dev/mem for it
instead of a separate driver, but if people prefer a different
route I'm fine, too.

No, sharing the driver is perfectly fine and sane as long as this
weird usage is not enabled widely.

Note that if you want to solve the Fedora case, you want to make STRICT_DEVMEM 
run-time configurable. My patch set does nothing about it. It merely tries to 
fix the highmem deficiency (actually, the first patch is a plain bugfix on any 
architecture where loff_t is larger than long).

The STRICT_DEVMEM logic is implemented in range_is_allowed(), and I leave it 
as-is.

quoted

Note that for normal crash usage read only access is just fine.

That's true as well. Petr?

Yes, that's true. Although there is some write support in crash, I have never 
ever felt the need to use it, and I've been using crash a lot in the last 5 
years.

Thanks,
Petr Tesarik