On Jun 16, 7:18am, al...@yandex.ru (Alexander Nasonov) wrote: -- Subject: Re: dump to cgdNb device
| Christos Zoulas wrote: | > That means that either cpu_dump or the next function returned ENXIO. | > The code is very careful to dump only on partitions that are marked as | > swap and on devices it knows about to avoid accidents. Dumping on | > "software" devices is very dangerous since typically when you are dumping | > you've probably corrupted memory already. | | There is a risk even with hardware devices but it's smaller because less | software is involved. Dumping to cgd is a quite important usecase and | perhaps we should make an exception. Would it help to RO protect some | data structures like private keys? Well, we could make an exception on cgd... We have to think carefully what to do to make it safer. Perhaps it should be turned on via a sysctl or a kernel option only? christos
