lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 13 Feb 2024 13:49:05 +0200
From: Nikolay Borisov <nik.borisov@...e.com>
To: Borislav Petkov <bp@...en8.de>, Hanno Böck
 <hanno@...eck.de>
Cc: tglx@...utronix.de, mingo@...hat.com, dave.hansen@...ux.intel.com,
 x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86: Improve description of
 IA32_EMULATION_DEFAULT_DISABLED



On 6.02.24 г. 16:58 ч., Borislav Petkov wrote:
> On Tue, Jan 30, 2024 at 10:45:43AM +0100, Hanno Böck wrote:
>> The description of the option disables a default, but does not mention
>> how to change that default. To make it easier to find out, mention boot
>> parameter ia32_emulation.
>>
>> Signed-off-by: Hanno Böck <hanno@...eck.de>
>> ---
>>
>> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
>> index 5edec175b..a65ff33e0 100644
>> --- a/arch/x86/Kconfig
>> +++ b/arch/x86/Kconfig
>> @@ -3006,8 +3006,10 @@ config IA32_EMULATION_DEFAULT_DISABLED
>>   	depends on IA32_EMULATION
>>   	help
>>   	  Make IA32 emulation disabled by default. This prevents loading 32-bit
>> -	  processes and access to 32-bit syscalls. If unsure, leave it to its
>> -	  default value.
>> +	  processes and access to 32-bit syscalls. If set, IA32 emulation can be
>> +	  re-enabled with the boot parameter ia32_emulation=true.
> 
> That sentence should say one can enable it *dynamically* with the cmdline
> param.
> 
> But this text reads weird: if I want to enable it, then I won't set
> IA32_EMULATION_DEFAULT_DISABLED in the first place and I won't have that
> problem.
> 
> So the use case must be something along the lines of, ia32 emu is
> default-disabled at build time but for certain cases where one wants it,
> one can still enable it per-boot with a cmdline param.
> 
> So what's the story here?

The use case is if a distribution wants to disable ia32 emu by default 
but at the same time wants to give users the ability to override it. 
Which is pretty much the use case you presented.

> 
> Thx.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ