lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 8 Jul 2015 16:04:03 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	Arjan van de Ven <arjan@...ux.intel.com>,
	Andy Lutomirski <luto@...nel.org>, x86@...nel.org,
	LKML <linux-kernel@...r.kernel.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Kees Cook <keescook@...omium.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Borislav Petkov <bp@...en8.de>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCH] x86/kconfig/32: Mark CONFIG_VM86 as BROKEN


* Thomas Gleixner <tglx@...utronix.de> wrote:

> On Tue, 7 Jul 2015, Arjan van de Ven wrote:
> 
> > On 7/7/2015 6:25 PM, Andy Lutomirski wrote:
> > > VM86 is entirely broken if ptrace, syscall auditing, or NOHZ_FULL is
> > > in use.  The code is a big undocumented mess, it's a real PITA to
> > > test, and it looks like a big chunk of vm86_32.c is dead code.  It
> > > also plays awful games with the entry asm.
> > > 
> > > No one should be using it anyway.  Use DOSBOX or KVM instead.
> > > 
> > > Mark it BROKEN.  I want to remove some (obviously incorrect) exit
> > > asm that it depends on, and I don't want to figure out how to run
> > > severely obsolete programs just to test something that no one uses
> > > for anything other than exploits anyway.
> > > 
> > 
> > while it is never great to deprecate features, in this case I am not sure
> > there is another choice unless someone steps up to seriously revamp this code.
> > (and look at it from a PREEMPT, NO_HZ etc etc angle)
> 
> Aside of being broken in so many aspects it's even more obsolete than
> 386 support, we should just remove it right away.

Yes - marking is BROKEN essentially makes it impossible to build it without 
changing the kernel source, so the next patch(es) could remove it.

But the 'marking BROKEN' patch will be much easier to backport, so I'd like to 
keep it separate.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ