From: Jiri Slaby <jirislaby@kernel.org>
To: Thomas Gleixner <tglx@linutronix.de>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Nikolay Borisov <nik.borisov@suse.com>,
x86@kernel.org
Cc: linux-kernel@vger.kernel.org, mhocko@suse.com
Subject: Re: [PATCH 3/3] x86: Disable running 32bit processes if ia32_disabled is passed
Date: Thu, 8 Jun 2023 08:29:02 +0200 [thread overview]
Message-ID: <2a64981c-ee53-f146-32a4-e97d4c036259@kernel.org> (raw)
In-Reply-To: <871qimkdft.ffs@tglx>
On 08. 06. 23, 2:25, Thomas Gleixner wrote:
>> For usecases where there ought not to be any 32bit code at all (and
>> there absolutely are), it would be lovely if this could be enforced,
>> rather than relying on blind hope that it doesn't happen.
>
> I think it's rather clear what needs to be done here to achieve that,
> but that's completely orthogonal to the intent of the patch series in
> question which aims to make CONFIG_IA32_EMULATION a boot time decision.
Agreed. The original intent was only to disable the 32bit paths in the
kernel. I.e. set CONFIG_IA32_EMULATION=n by a runtime switch.
Then we came up with idea to disallow loading 32bit binaries to WARN
people as the bins won't (mostly) work anyway. (We are/were aware this
doesn't forbid running 32bit code.)
But now, when we are doing that, I think we should disable 32 bits
completely by the switch. I.e. don't provide 32bit segments and
whatever. And make that clear and documented in the series. Because as
it stands now, it's half-way. Agreed? This whole attempt served as a
call for opinions which we got and which is perfect.
thanks,
--
js
suse labs
next prev parent reply other threads:[~2023-06-08 6:29 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-07 7:29 [RFC PATCH 0/3] Add ability to disable ia32 at boot time Nikolay Borisov
2023-06-07 7:29 ` [PATCH 1/3] x86: Introduce ia32_disabled boot parameter Nikolay Borisov
2023-06-07 8:55 ` Thomas Gleixner
2023-06-07 7:29 ` [PATCH 2/3] x86/entry: Disable IA32 syscalls in the presence of ia32_disabled Nikolay Borisov
2023-06-07 9:11 ` Thomas Gleixner
2023-06-08 3:18 ` Brian Gerst
2023-06-07 7:29 ` [PATCH 3/3] x86: Disable running 32bit processes if ia32_disabled is passed Nikolay Borisov
2023-06-07 12:01 ` Thomas Gleixner
2023-06-07 12:19 ` Nikolay Borisov
2023-06-07 12:53 ` Thomas Gleixner
2023-06-07 13:38 ` Nikolay Borisov
2023-06-07 14:49 ` Thomas Gleixner
2023-06-07 17:25 ` Andrew Cooper
2023-06-07 21:52 ` Thomas Gleixner
2023-06-07 23:43 ` Andrew Cooper
2023-06-08 0:25 ` Thomas Gleixner
2023-06-08 6:16 ` Jiri Slaby
2023-06-08 6:36 ` Jiri Slaby
2023-06-08 15:30 ` Thomas Gleixner
2023-06-08 15:32 ` Andrew Cooper
2023-06-08 6:29 ` Jiri Slaby [this message]
2023-06-08 11:25 ` Andrew Cooper
2023-06-08 15:56 ` Thomas Gleixner
2023-06-08 21:29 ` Nikolay Borisov
2023-06-07 12:55 ` Thomas Gleixner
2023-06-08 4:37 ` Brian Gerst
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2a64981c-ee53-f146-32a4-e97d4c036259@kernel.org \
--to=jirislaby@kernel.org \
--cc=andrew.cooper3@citrix.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mhocko@suse.com \
--cc=nik.borisov@suse.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).