lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 10 Dec 2014 11:41:55 -0800
From:	Dave Hansen <dave.hansen@...ux.intel.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Thomas Gleixner <tglx@...utronix.de>
CC:	LKML <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	the arch/x86 maintainers <x86@...nel.org>
Subject: Re: [GIT pull] x86 mpx support for 3.19

On 12/10/2014 11:05 AM, Linus Torvalds wrote:
> Why would I want to enable this in my kernel when there are no actual
> CPU's out yet that support it? And even when there are, why would I do
> it if the CPU I have doesn't support it?

For folks that build their own kernels and know what CPU they have,
you'd never want to enable it other than compile testing (or maybe some
basic runtime testing to make sure we didn't mess up the #BR code on
CPUs without the feature).

But, this is the kind of option that we want to be *sure* is enabled
unless folks know exactly what they are doing, so we should probably
hide it behind CONFIG_EXPERT as well, just as SMEP is.

We might be getting to the point where we need to bury all these
Intel-specific options somewhere, but that's a patch for another day.

Patch is attached to convert it over to this:

config X86_INTEL_MPX
        prompt "Intel MPX (Memory Protection Extensions)" if EXPERT
        def_bool y
        depends on CPU_SUP_INTEL
        ---help---
          MPX provides hardware features that can be used in
          conjunction with compiler-instrumented code to check
          memory references.  It is designed to detect buffer
          overflow or underflow bugs.

          Enabling this option will make the kernel larger and
          slightly increase the size of some data structures.

          If unsure, say Y.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists