Re: Warning about kernel 4.2 performance (revised)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


05.10.2015 12:47, Andrew Bird пишет:
> Mmm, that thread is full of the same old rhetoric (i.e. it must be a risk as no one can be bothered/has time to check it and users
> must be prevented from hurting themselves even if they've already jumped through hoops to enable mm.vm_addr=0, which is a known security
> risk, so that dosemu can function with cpuemu=off). I do fail to see why the default can't have the vm86() syscall compiled in, but
> disabled by default at run time.
As Felix pointed, this is exactly what happens.
But really, having never delivering dosemu, keeping vm86
ON is pretty useless for them, so I won't bet on this to
stay forever. But now as it can be disabled at run-time -
the chances are big they'll no longer re-visit this subject
and leave it as is.
Note that AFAIK dosemu can't use vm86 on fedora even if
enabled both compile-time and run-time, because selinux
then prevents mapping zero page even if you enabled it in
mmap_min_addr (but I may be wrong, someone needs to double-check
also this). The security threat may come from the fact
that you need to disable selinux.

> Regarding RHEL kernels, I've used CentOS 3, 4, 5 and 6 successfully with Dosemu cpuemu=off, so CONFIG_VM86=y was set on those.
Have you disabled selinux?
To unsubscribe from this list: send the line "unsubscribe linux-msdos" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

[Index of Archives]     [Linux Console]     [Linux Audio]     [Linux for Hams]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite Camping]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Samba]     [Linux Media]     [Fedora Users]

  Powered by Linux