| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Sep 2022 15:15:15 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Kees Cook <keescook@...omium.org>, Ard Biesheuvel <ardb@...nel.org>
Cc: Guenter Roeck <linux@...ck-us.net>,
Peter Zijlstra <peterz@...radead.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
linux-kernel@...r.kernel.org, Darren Hart <dvhart@...radead.org>,
Andy Shevchenko <andy@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
x86@...nel.org, linux-efi@...r.kernel.org,
"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH] x86/mm+efi: Avoid creating W+X mappings
On 9/23/22 14:19, Kees Cook wrote:
>> But currently, PAE is not even enabled in the i386_defconfig, and
>> defaults to off. This means people that are unaware of this won't
>> enable it, and will be running without NX support.
> And they all make me cry. ;)
It's been like that for a long time, presumably because the defconfig
should *boot* in as many cases as possible. It wouldn't be hard to
change. It also wouldn't be hard to default to HIGHMEM4G (non-PAE) on
targeted builds for CPUs that don't support it. Patch attached to do
that, if anyone else has an opinion.
We should probably just leave i386 alone, but it breaks my heart to see
Kees in tears.
View attachment "pae.patch" of type "text/x-patch" (924 bytes)
Powered by blists - more mailing lists