Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754316AbcDFVcd (ORCPT ); Wed, 6 Apr 2016 17:32:33 -0400 Received: from mail-io0-f177.google.com ([209.85.223.177]:33413 "EHLO mail-io0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753858AbcDFVcc (ORCPT ); Wed, 6 Apr 2016 17:32:32 -0400 MIME-Version: 1.0 In-Reply-To: References: <1459947782-5071-1-git-send-email-ed@abdsec.com> Date: Wed, 6 Apr 2016 14:32:30 -0700 X-Google-Sender-Auth: v1rdHZ0YJJFLy5FGxAvM89OAUt4 Message-ID: Subject: Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file From: Linus Torvalds To: Kees Cook Cc: Emrah Demir , Linux Kernel Mailing List , Dan Rosenberg , "kernel-hardening@lists.openwall.com" , Dave Jones Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 493 Lines: 14 On Wed, Apr 6, 2016 at 2:27 PM, Kees Cook wrote: > > Hrm, okay. I still think just changing the perms would be less > troublesome. No, that would be much *more* trouble-some, because we have things like bug-reporting documentation that tells people to send /proc/iomem etc information on crashes. There may well be scripts like that out there. So it's much more likely that just removing the "Kernel code" etc lines is not going to break anything. Linus