lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20141208071125.GA27435@1wt.eu>
Date:	Mon, 8 Dec 2014 08:11:25 +0100
From:	Willy Tarreau <w@....eu>
To:	Ben Hutchings <ben@...adent.org.uk>
Cc:	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	"H. Peter Anvin" <hpa@...or.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [ 10/25] x86, espfix: Make it possible to disable 16-bit support

On Mon, Dec 08, 2014 at 02:58:54AM +0000, Ben Hutchings wrote:
> On Sat, 2014-12-06 at 18:41 +0100, Willy Tarreau wrote:
> > 2.6.32-longterm review patch.  If anyone has any objections, please let me know.
> > 
> > ------------------
> > 
> > From: "H. Peter Anvin" <hpa@...or.com>
> > 
> > commit 34273f41d57ee8d854dcd2a1d754cbb546cb548f upstream.
> > 
> > Embedded systems, which may be very memory-size-sensitive, are
> > extremely unlikely to ever encounter any 16-bit software, so make it
> > a CONFIG_EXPERT option to turn off support for any 16-bit software
> > whatsoever.
> > 
> > Signed-off-by: H. Peter Anvin <hpa@...or.com>
> > Link: http://lkml.kernel.org/r/1398816946-3351-1-git-send-email-hpa@linux.intel.com
> > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
> > (cherry picked from 3.2 commit 70d87cbbd92a3611655b39003176ee1033796bf7)
> > [wt: backport notes for 2.6.32 :
> >   - Fixed arch/x86/kernel/ldt.c (no IS_ENABLED on 2.6.32).
> >   - No CONFIG_EXPERT condition in 2.6.32.
> > /wt]
> [...]
> 
> It used to be called CONFIG_EMBEDDED, so you could s/EXPERT/EMBEDDED/,
> but it doesn't matter much.

I hesitated on this one and thought that EMBEDDED was currently not selected
by most server configs and users would not necessarily think about enabling
it to discover the new option, since it was made for a different purpose. In
the end, presenting the new option to users is not a bad thing considering
that the purpose is to help them improve their security.

Regards,
Willy

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ