From: Ingo Molnar <mingo@elte.hu>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: pageexec@freemail.hu, Andi Kleen <andi@firstfloor.org>,
Andy Lutomirski <luto@mit.edu>,
x86@kernel.org, Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org, Jesper Juhl <jj@chaosbits.net>,
Borislav Petkov <bp@alien8.de>,
Andrew Morton <akpm@linux-foundation.org>,
Arjan van de Ven <arjan@infradead.org>,
Jan Beulich <JBeulich@novell.com>,
richard -rw- weinberger <richard.weinberger@gmail.com>,
Mikael Pettersson <mikpe@it.uu.se>,
Brian Gerst <brgerst@gmail.com>,
Louis Rilling <Louis.Rilling@kerlabs.com>,
Valdis.Kletnieks@vt.edu
Subject: Re: [PATCH v5 9/9] x86-64: Add CONFIG_UNSAFE_VSYSCALLS to feature-removal-schedule
Date: Mon, 6 Jun 2011 23:45:45 +0200
Message-ID: <20110606214545.GA6492@elte.hu>
In-Reply-To: <BANLkTi=choqfXPYmnivznYBbEFeg2UfbuA@mail.gmail.com>

* Linus Torvalds <torvalds@linux-foundation.org> wrote:

> We *definitely* don't want to name it in a way that makes some
> random person just turn it off because it's scary, since the random
> person *shouldn't* turn it off today. Comprende?

Agreed, and that's fixed now.

> And the annoying part about the whole patch series is how the whole
> re-sending has gone on forever. Just pick some approach, do it, and
> don't even bother making it a config option for now. If we can
> replace the vsyscall page with a page fault or int3 or whatever,
> and it's only used for the 'time()' system call, just do it.

Ok, we can certainly remove CONFIG_LEGACY_VTIME - that would further
simplify things!

I was unsure how big of a problem the time() slowdown was and the
config option was easy enough to provide. My preference would be to
just remove the config option and simplify the code - complexity is
the #1 enemy of security.

> The series is now extended with the cleanup patches so the end
> result looks reasonable, but why have the whole "first implement
> it, then clean it up" and sending it as a whole series. That's
> annoying. Just send the cleaned-up end result to begin with.

Do you think x86/vdso is worth rebasing at this stage? Right now it
has:

  feba7e97df8c: x86-64: Rename COMPAT_VSYSCALLS to LEGACY_VTIME and clarify documentation
  7dc0452808b7: x86-64: Clean up vsyscall emulation and remove fixed-address ret
  8d6316596441: x86-64: Fix outdated comments in vsyscall_64.c
  1593843e2ada: x86-64, vsyscalls: Rename UNSAFE_VSYSCALLS to COMPAT_VSYSCALLS
  764611c8dfb5: x86-64, vdso, seccomp: Fix !CONFIG_SECCOMP build
  38172403a978: x86-64: Add CONFIG_UNSAFE_VSYSCALLS to feature-removal-schedule
  d55ed1d30b82: x86-64: Emulate legacy vsyscalls
  5dfcea629a08: x86-64: Fill unused parts of the vsyscall page with 0xcc
  bb5fe2f78ead: x86-64: Remove vsyscall number 3 (venosys)
  d319bb79afa4: x86-64: Map the HPET NX
  0d7b8547fb67: x86-64: Remove kernel.vsyscall64 sysctl
  9fd67b4ed071: x86-64: Give vvars their own page
  8b4777a4b50c: x86-64: Document some of entry_64.S
  6879eb2deed7: x86-64: Fix alignment of jiffies variable

it's reasonably tested by now. We'd keep about 80% of the commits
after the rebase.

Thanks,

	Ingo