From: Stas Sergeev <stsp@list.ru>
To: Andrew Bird <ajb@spheresystems.co.uk>
Cc: Felix Miata <mrmazda@earthlink.net>, linux-msdos@vger.kernel.org
Subject: Re: Warning about kernel 4.2 performance (revised)
Date: Mon, 5 Oct 2015 14:20:41 +0300 [thread overview]
Message-ID: <56125D09.4000108@list.ru> (raw)
In-Reply-To: <20151005104705.7b2df50cac63a976412ecc22@spheresystems.co.uk>
05.10.2015 12:47, Andrew Bird пишет:
> Mmm, that thread is full of the same old rhetoric (i.e. it must be a risk as no one can be bothered/has time to check it and users
> must be prevented from hurting themselves even if they've already jumped through hoops to enable mm.vm_addr=0, which is a known security
> risk, so that dosemu can function with cpuemu=off). I do fail to see why the default can't have the vm86() syscall compiled in, but
> disabled by default at run time.
As Felix pointed, this is exactly what happens.
But really, having never delivering dosemu, keeping vm86
ON is pretty useless for them, so I won't bet on this to
stay forever. But now as it can be disabled at run-time -
the chances are big they'll no longer re-visit this subject
and leave it as is.
Note that AFAIK dosemu can't use vm86 on fedora even if
enabled both compile-time and run-time, because selinux
then prevents mapping zero page even if you enabled it in
mmap_min_addr (but I may be wrong, someone needs to double-check
also this). The security threat may come from the fact
that you need to disable selinux.
> Regarding RHEL kernels, I've used CentOS 3, 4, 5 and 6 successfully with Dosemu cpuemu=off, so CONFIG_VM86=y was set on those.
Have you disabled selinux?
--
To unsubscribe from this list: send the line "unsubscribe linux-msdos" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2015-10-05 11:20 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-03 7:56 Warning about kernel 4.2 performance Andrew Bird
2015-10-04 4:27 ` solarflow99
2015-10-04 7:16 ` Andrew Bird
2015-10-04 8:35 ` Felix Miata
2015-10-04 9:27 ` Andrew Bird
2015-10-04 10:32 ` Warning about kernel 4.2 performance (revised) Andrew Bird
2015-10-04 17:26 ` Felix Miata
2015-10-04 17:36 ` Stas Sergeev
2015-10-05 9:47 ` Andrew Bird
2015-10-05 11:20 ` Stas Sergeev [this message]
2015-10-05 12:03 ` Andrew Bird
[not found] ` <CABHtM7Wn44rMU11iKx8H2Z3gZMwWzLKfD7b+KZP8m+1RRmxQ3A@mail.gmail.com>
2015-10-14 18:46 ` Fwd: " Bart Oldeman
2015-10-14 19:10 ` Paul Crawford
2015-10-14 22:08 ` Stas Sergeev
2015-10-16 2:07 ` solarflow99
2015-10-16 20:20 ` Stas Sergeev
2015-10-04 16:55 ` Warning about kernel 4.2 performance Stas Sergeev
2015-10-04 20:45 ` solarflow99
2015-10-05 9:33 ` Andrew Bird
2015-10-05 10:05 ` Stas Sergeev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56125D09.4000108@list.ru \
--to=stsp@list.ru \
--cc=ajb@spheresystems.co.uk \
--cc=linux-msdos@vger.kernel.org \
--cc=mrmazda@earthlink.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.