Re: [tip:x86/asm] x86/umip: Add emulation code for UMIP instructions

From: Paolo Bonzini
Date: Wed Nov 08 2017 - 12:14:33 EST

Next message: Fengguang Wu: "Re: [vlan_device_event] BUG: unable to handle kernel paging request at 6b6b6ccf"
Previous message: Andrew Gabbasov: "[PATCH] usb: gadget: f_fs: Fix use-after-free in ffs_free_inst"
In reply to: Denys Vlasenko: "Re: [tip:x86/asm] x86/umip: Add emulation code for UMIP instructions"
Next in thread: Denys Vlasenko: "Re: [tip:x86/asm] x86/umip: Add emulation code for UMIP instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 08/11/2017 18:09, Denys Vlasenko wrote:
> On 11/08/2017 05:57 PM, Linus Torvalds wrote:
>> On Wed, Nov 8, 2017 at 8:53 AM, Denys Vlasenko <dvlasenk@xxxxxxxxxx>
>> wrote:
>>> We can postpone enabling UMIP by default by a year or so.
>>> By this time, new Wine will be on majority of users' machines.
>>
>> So you are suggesting we run unnecessarily insecure, only in order to
>> not do the emulation that we already have the code for and that the
>> patch implements?
>
> We ran insecure in this way for ~25 years.
>
>> Why?
>
> To avoid having to maintain more obscure, rarely executed code.

As a start, you could propose a patch to disable the emulation code
through a sysctl or Kconfig symbol. I would be surprised if it takes
more time than what you've spent writing emails in this thread.

Paolo

Next message: Fengguang Wu: "Re: [vlan_device_event] BUG: unable to handle kernel paging request at 6b6b6ccf"
Previous message: Andrew Gabbasov: "[PATCH] usb: gadget: f_fs: Fix use-after-free in ffs_free_inst"
In reply to: Denys Vlasenko: "Re: [tip:x86/asm] x86/umip: Add emulation code for UMIP instructions"
Next in thread: Denys Vlasenko: "Re: [tip:x86/asm] x86/umip: Add emulation code for UMIP instructions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]