lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 08 Jul 2015 14:54:34 -0400
From:	Austin S Hemmelgarn <ahferroin7@...il.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andy Lutomirski <luto@...capital.net>
CC:	Arjan van de Ven <arjan@...ux.intel.com>,
	Andy Lutomirski <luto@...nel.org>,
	the arch/x86 maintainers <x86@...nel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Kees Cook <keescook@...omium.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Borislav Petkov <bp@...en8.de>
Subject: Re: [PATCH] x86/kconfig/32: Mark CONFIG_VM86 as BROKEN

On 2015-07-08 13:55, Linus Torvalds wrote:
> On Wed, Jul 8, 2015 at 10:49 AM, Andy Lutomirski <luto@...capital.net> wrote:
>>
>> I don't know how to tell whether something is trying to use real mode,
>> but I can play this just fine in DOSEMU on my 64-bit laptop:
>
> So a 64-bit distro obviously will never have used vm86 mode - it
> doesn't work there. Never has. There's no sane way to get to vm86 mode
> from long mode, that's just how the 64-bit extensions worked.
>
> (64-bit hardware obviously does support vm86 mode, but you have to
> play games with mixing long mode and CPL0 32-bit protected mode to get
> there, and we never did that).
>
> It's the 32-bit distros I would worry about. The ones that may have
> well disabled emulation, because they have vm86 mode enabled.
>
Other than the enterprise distros (which _probably_ don't even have 
dosemu packages, and I'm 99% certain would have VM86 enabled only for 
'backwards compatibility'), I highly doubt that there are any modern 
ones that have real-mode emulation disabled in dosemu, there's just too 
high of a chance of a security minded user building their own kernel 
with VM86 disabled (or they just have it disabled anyway in the distro 
kernel, Ubuntu does this, and I'm pretty sure that Debian and Fedora do 
also).  FWIW, there's no easy way to disable such emulation on Gentoo 
(it is possible, it just requires some significant configuration file 
hacking for portage).



Download attachment "smime.p7s" of type "application/pkcs7-signature" (2967 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ