Re: [linux-pm] [RFC] userland swsusp

[Pavel Machek]

Hi!

>  > > Just for info: If this goes in, Red Hat/Fedora kernels will fork
>  > > swsusp development, as this method just will not work there.
>  > > (We have a restricted /dev/mem that prevents writes to arbitary
>  > >  memory regions, as part of a patchset to prevent rootkits)
>  > 
>  > Perhaps it is trying to tell you that you should be using SELinux rules
>  > not kernel hacks for this purpose ?
> 
> I don't think selinux can give you the granularity to say
> "process can access this bit of the file only", at least not yet.
> 
> Even if that was capable however, it still doesn't solve the problem.
> Pavel's implementation wants to write to arbitary address spaces, which is
> what we're trying to prevent. The two are at odds with each other.

I do not think thats a security problem. By definition, suspending code
can change arbitrary things in memory -- it could just write image with
changes it desires, then resume from it. Whether this code is in kernel
or not, it has to be trusted.
-- 
64 bytes from 195.113.31.123: icmp_seq=28 ttl=51 time=448769.1 ms         

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/