On Fri, 2008-11-07 at 12:34 -0500, Josh Boyer wrote: > On Fri, 07 Nov 2008 11:24:26 -0600 > Hollis Blanchard <hollisb@xxxxxxxxxx> wrote: > > > I'm not sure if there's precedent for features marked EXPERIMENTAL to be > > in the defconfig, but simply put I have not done a thorough audit of the > > KVM 440 code for security or DoS issues. (For example, until yesterday, > > the guest could trivially flood the host console because I'd left a > > printk enabled.) It just seems like asking for trouble to enable it in > > the defconfig. > > If you think it's really in rough enough shape that it's a concern for > .28, then I can change it back. Let me know soon. Well, I'm happy to have the (build) test coverage... Since KVM can only be invoked via /dev/kvm, and that device node (if automatically created) only has root permissions, I think it will be OK. > > That said, I have no complaint about having it enabled for linux-next > > builds. > > I don't have a separate defconfig for linux-next builds. We could do > that but I don't see much value. I want -next to be building (and > theoretically testing) what gets built for actual release kernels. Fair enough. -- Hollis Blanchard IBM Linux Technology Center -- To unsubscribe from this list: send the line "unsubscribe linux-next" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
