From: Ingo Molnar <mingo@elte.hu>
To: Linus Torvalds <torvalds@osdl.org>
Cc: Andrew Morton <akpm@osdl.org>, Zachary Amsden <zach@vmware.com>,
jakub@redhat.com, rusty@rustcorp.com.au,
linux-kernel@vger.kernel.org, virtualization@lists.osdl.org,
kraxel@suse.de
Subject: Re: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
Date: Mon, 22 May 2006 21:09:47 +0200 [thread overview]
Message-ID: <20060522190947.GA6730@elte.hu> (raw)
In-Reply-To: <Pine.LNX.4.64.0605221045140.3697@g5.osdl.org>
* Linus Torvalds <torvalds@osdl.org> wrote:
> Backwards compatibility is absolutely paramount. Much more important
> than just about anything else.
ok, and i agree that in this particular case we should not break older
glibc. And that's the primary direction i'm going into: i've been trying
to create CONFIG_COMPAT_VDSO [which defaults to =y] variants that both
keep old glibc working and still have the randomization code active.
Having the code active by default is very important because breakages
get noticed early on, etc.
But wrt. binary compatibility, the vdso (ignoring for a moment that it's
tied to other parts of glibc) is kind of border line. Nothing but glibc
knows about its internal structure. So i dont think "binary
compatibility" per se is violated: no app breaks. This is more analogous
to the situation where say old modutils cannot read new modules and the
kernel wont boot at all.
The _real_ argument i think, and the biggest practical difference is
that glibc is _much harder to upgrade_ than other system utilities. So
by _that_ argument i'd say we should avoid forcing a glibc dependency
whenever possible - and that might as well be the right thing to do in
this particular case.
Also, what makes this a bit different for me is that this is a security
feature which always has a "should the fire-door be default-open or
default-closed" type of question, and that's why i'm reluctant to give
up - and at least have compat-vdso code working that triggers most of
the randomization codepaths too.
Ingo
next prev parent reply other threads:[~2006-05-22 19:09 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-16 6:03 [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch Rusty Russell
2006-05-16 6:47 ` Ingo Molnar
2006-05-16 8:16 ` Zachary Amsden
2006-05-16 8:40 ` Chris Wright
2006-05-16 8:59 ` Zachary Amsden
2006-05-17 7:49 ` Rusty Russell
2006-05-18 7:54 ` Ingo Molnar
2006-05-18 8:29 ` Gerd Hoffmann
2006-05-20 0:43 ` Andrew Morton
2006-05-20 1:03 ` Ingo Molnar
2006-05-20 1:11 ` Andrew Morton
2006-05-20 1:15 ` Linus Torvalds
2006-05-20 8:53 ` [patch] i386, vdso=[0|1] boot option and /proc/sys/vm/vdso_enabled Ingo Molnar
2006-05-20 9:26 ` Andrew Morton
2006-05-20 9:30 ` Zachary Amsden
2006-05-20 9:43 ` Zachary Amsden
2006-05-20 9:48 ` Andrew Morton
2006-05-20 10:04 ` Zachary Amsden
2006-05-21 4:38 ` Rusty Russell
2006-05-21 9:35 ` Rusty Russell
2006-05-21 9:52 ` Andrew Morton
2006-05-21 10:41 ` Ingo Molnar
2006-05-21 11:06 ` Rusty Russell
2006-05-20 9:54 ` Ingo Molnar
2006-05-20 10:16 ` [patch] add print_fatal_signals support Ingo Molnar
2006-05-21 11:03 ` [patch] i386, vdso=[0|1] boot option and /proc/sys/vm/vdso_enabled Ingo Molnar
2006-05-21 11:38 ` Ingo Molnar
2006-05-21 12:33 ` Andrew Morton
2006-05-21 14:10 ` Arjan van de Ven
2006-05-22 14:32 ` Alexey Kuznetsov
2006-05-20 1:16 ` [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch Zachary Amsden
2006-05-20 1:49 ` Andi Kleen
2006-05-20 1:24 ` Arjan van de Ven
2006-05-22 16:29 ` Jakub Jelinek
2006-05-22 16:44 ` Zachary Amsden
2006-05-22 17:14 ` Andrew Morton
2006-05-22 17:27 ` Ingo Molnar
2006-05-22 17:46 ` Linus Torvalds
2006-05-22 19:09 ` Ingo Molnar [this message]
2006-05-22 19:40 ` Linus Torvalds
2006-05-22 19:14 ` Adrian Bunk
2006-05-22 19:45 ` Linus Torvalds
2006-05-22 17:53 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060522190947.GA6730@elte.hu \
--to=mingo@elte.hu \
--cc=akpm@osdl.org \
--cc=jakub@redhat.com \
--cc=kraxel@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=rusty@rustcorp.com.au \
--cc=torvalds@osdl.org \
--cc=virtualization@lists.osdl.org \
--cc=zach@vmware.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox