Date:	Fri, 10 Jul 2015 09:12:51 -0500
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Andy Lutomirski <luto@...capital.net>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Arjan van de Ven <arjan@...ux.intel.com>,
	Andy Lutomirski <luto@...nel.org>,
	"the arch/x86 maintainers" <x86@...nel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Oleg Nesterov <oleg@...hat.com>,
	Kees Cook <keescook@...omium.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Borislav Petkov <bp@...en8.de>
Subject: Re: [PATCH] x86/kconfig/32: Mark CONFIG_VM86 as BROKEN

Andy Lutomirski <luto@...capital.net> writes:

> On Wed, Jul 8, 2015 at 9:59 AM, Linus Torvalds
> <torvalds@...ux-foundation.org> wrote:
>> On Tue, Jul 7, 2015 at 7:33 PM, Arjan van de Ven <arjan@...ux.intel.com> wrote:
>>>
>>> if this patch would not be acceptable, at minimum we need some sort of "off
>>> by default
>>> unless the sysadmin flips a sysfs thing", which is really just a huge hack.
>>
>> The only thing that matters is whether people use this or not.
>>
>
> I think that the world contains precisely two programs that use the
> vm86 syscalls.  One is dosemu, and one is a test case I wrote.

Wine used to also call vm86.

> As far as I can tell (and I'll try to test this better for real later
> this week), dosemu already knows how to emulate real mode if vm86 is
> unavailable.  So it's unclear that turning off the vm86 syscalls
> actually breaks anything whatsoever.

Yes.  This happened after 64bit kernels became common years ago, as the
lack of vm86 on 64bit nearly killed the dosemu project.

> On the other hand, sys_vm86 fails if the syscall slow path is in use.
> That means that quite a few Fedora versions (auditing), anything with
> ptrace, seccomp (before 3.16 IIRC), and anything with context tracking
> is probably actually *improved* by turning off the vm86 syscalls even
> for dosemu users.

Is there any chance that vm86 is sufficiently badly broken before this
that we can conclude vm86 is not in use?  It would really simplify this
discussion if we could point to code rot and say that it is clear that
no one has been testing this code path for ages, and that the code can't
possibly work the way it is now.  That would just let us remove vm86.

> It only says "[OK]" because my test case isn't careful enough.  That's
> a failure.  I suspect it was a much worse failure a couple versions
> ago before my ENOSYS-reworking patch went in.
>
> I'll try to confirm later this week that dosemu can really handle real
> mode without sys_vm86.

I have not looked in ages but certainly on 64bit dosemu can.

As someone else pointed out dosemu maps the zero page so that may also
be a point where vm86 support gets broken.

Eric