From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754100AbaDMDN2 (ORCPT ); Sat, 12 Apr 2014 23:13:28 -0400 Received: from mail-vc0-f174.google.com ([209.85.220.174]:45490 "EHLO mail-vc0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751158AbaDMDN0 (ORCPT ); Sat, 12 Apr 2014 23:13:26 -0400 MIME-Version: 1.0 In-Reply-To: <87lhvahr7z.fsf@tassilo.jf.intel.com> References: <6f5f98f2-aa96-433f-9ee8-5ba216624957@email.android.com> <20140412193541.GA30697@pd.tnic> <21a22ace-fbc3-4f97-a277-9cdf4f2253eb@email.android.com> <5349BD3F.6000402@zytor.com> <87lhvahr7z.fsf@tassilo.jf.intel.com> Date: Sat, 12 Apr 2014 20:13:25 -0700 X-Google-Sender-Auth: tMiBGXjprhjYgKwBOpo5BAOCMpI Message-ID: Subject: Re: [tip:x86/urgent] x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels From: Linus Torvalds To: Andi Kleen Cc: "H. Peter Anvin" , Borislav Petkov , Brian Gerst , Ingo Molnar , Linux Kernel Mailing List , Thomas Gleixner , stable , "H. Peter Anvin" Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Apr 12, 2014 at 7:56 PM, Andi Kleen wrote: > > Why? Either it works or it doesn't. > > If it works it doesn't make any sense to have a sysctl. BS. It "works" exactly like mmap() at NULL "works". It is a potential security leak, because x86-64 screwed up the architecture definition in this area. So it should definitely be disabled by default, exactly like mmap_min_addr is non-zero by default. Linus