Re: [linux-pm] [RFC] userland swsusp

From: Pavel Machek
Date: Sun Nov 20 2005 - 16:23:07 EST


> > > Just for info: If this goes in, Red Hat/Fedora kernels will fork
> > > swsusp development, as this method just will not work there.
> > > (We have a restricted /dev/mem that prevents writes to arbitary
> > > memory regions, as part of a patchset to prevent rootkits)
> >
> > Perhaps it is trying to tell you that you should be using SELinux rules
> > not kernel hacks for this purpose ?
> I don't think selinux can give you the granularity to say
> "process can access this bit of the file only", at least not yet.
> Even if that was capable however, it still doesn't solve the problem.
> Pavel's implementation wants to write to arbitary address spaces, which is
> what we're trying to prevent. The two are at odds with each other.

I do not think thats a security problem. By definition, suspending code
can change arbitrary things in memory -- it could just write image with
changes it desires, then resume from it. Whether this code is in kernel
or not, it has to be trusted.
64 bytes from icmp_seq=28 ttl=51 time=448769.1 ms

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at