| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Jul 2015 08:34:23 -0700 From: Andy Lutomirski <luto@...nel.org> To: x86@...nel.org, linux-kernel@...r.kernel.org Cc: Oleg Nesterov <oleg@...hat.com>, Kees Cook <keescook@...omium.org>, Arjan van de Ven <arjan@...ux.intel.com>, Peter Zijlstra <peterz@...radead.org>, Borislav Petkov <bp@...en8.de>, Linus Torvalds <torvalds@...ux-foundation.org>, Austin S Hemmelgarn <ahferroin7@...il.com>, Brian Gerst <brgerst@...il.com>, Matthew Garrett <mjg59@...f.ucam.org>, Andy Lutomirski <luto@...nel.org> Subject: [PATCH v3] x86/kconfig/32: Rename CONFIG_VM86 and default it to n VM86 is entirely broken if ptrace, syscall auditing, or NOHZ_FULL is in use. The code is a big undocumented mess, it's a real PITA to test, and it looks like a big chunk of vm86_32.c is dead code. It also plays awful games with the entry asm. No one should be using it anyway. Use DOSBOX or KVM instead. Let's accelerate its slow death. Remove it from EXPERT and default it to n. Distros should not enable it. In the unlikely event that some user needs it, they can easily re-enable it. While we're at it, rename it to CONFIG_LEGACY_VM86 so that 'make oldconfig' users will be prompted again. I left CONFIG_VM86 as an alias to avoid a treewide replacement of the names. We can clean that up once the current asm and vm86 code churn settles down. Signed-off-by: Andy Lutomirski <luto@...nel.org> --- Take three, this time with a rename at Linus' suggestion. Given that both Brian and I have pending patches that involve the name 'CONFIG_VM86', I left that name as an alias in Kconfig. We can fix that later. arch/x86/Kconfig | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index aa94fd014fa2..45d95e1ab047 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -996,15 +996,36 @@ config X86_THERMAL_VECTOR def_bool y depends on X86_MCE_INTEL -config VM86 - bool "Enable VM86 support" if EXPERT - default y +config LEGACY_VM86 + bool "Legacy VM86 support (obsolete)" + default n depends on X86_32 ---help--- - This option is required by programs like DOSEMU to run - 16-bit real mode legacy code on x86 processors. It also may - be needed by software like XFree86 to initialize some video - cards via BIOS. Disabling this option saves about 6K. + This option allows user programs to put the CPU into V8086 + mode, which is an 80286-era approximation of 16-bit real mode. + + Some very old versions of X and/or vbetool require this option + for user mode setting. Similarly, DOSEMU will use it if + available to accelerate real mode DOS programs. However, any + recent version of DOSEMU, X, or vbetool should be fully + functional even without kernel VM86 support, as they will all + fall back to software emulation. + + Anything that works on a 64-bit kernel is unlikely to need + this option, as 64-bit kernels don't, and can't, support V8086 + mode. This option is also unrelated to 16-bit protected mode + and is not needed to run most 16-bit programs under Wine. + + Enabling this option adds considerable attack surface to the + kernel and slows down system calls and exception handling. + + Unless you use very old userspace or need the last drop of + performance in your real mode DOS games and can't use KVM, say + N here. + +config VM86 + bool + default LEGACY_VM86 config X86_16BIT bool "Enable support for 16-bit segments" if EXPERT -- 2.4.3 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists