| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Sep 2010 18:56:05 +0100 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Nick Lowe <nick.lowe@...il.com> Cc: Hans-Peter Jansen <hpj@...la.net>, linux-kernel@...r.kernel.org Subject: Re: AMD Geode NOPL emulation for kernel 2.6.36-rc2 > If a process crashes because of NOPL usage, you get the feedback loop to fix it. Trouble is that means rebuilding entire distributios, who don't neccessarily care about Geode. We had the same problem before with cmov and the VIA processors, GCC programmers didn't read the Intel PPro manual and got it wrong but it was the end users who suffered, and most of them were not in a position to rebuild their distro (and every security update, and test them all ...) and their distro didn't care. So lots of people ran a kernel with a CMOV hack in it - never got mainstream which is unfortunate because if it had it would have helped a lot more people and had the hole in it fixed. > The beauty of open source is that we can recompile to correct the bad > assumption; the latest version of binutils (GAS) finally corrects the > bad semantic that generic i686 includes NOPL. And the reality is that this won't happen. Yes you can do it but it's an enormously slow and inefficient way to tackle the problem. So the patch (corrected) makes complete sense. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists