kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #138091
[Bug 1499089] Re: Please enable kconfig X86_LEGACY_VM86 for i386
We also run critical software that depends on the vm86 for performance
reasons, and we are already using dosemu with root privileges to gain
direct hardware access, so we see the potential security risks of this
are trivial. The suggestion above to have the patch back-ported to
enable vm86 only when vm.mmap_min_addr=0 seems a perfectly good way of
satisfying all user cases.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1499089
Title:
Please enable kconfig X86_LEGACY_VM86 for i386
Status in linux package in Ubuntu:
Triaged
Bug description:
In order for dosemu to reach maximum performance (a > 10x speedup) please enable kconfig X86_LEGACY_VM86 in the kernel. As of this commit http://www.spinics.net/lists/linux-tip-commits/msg30360.html
the overzealous kconfig message that seemed to suggest that the vm86() syscall was a security hazard in itself has been revised to reflect reality. Also please note that even if this kconfig option is enabled the runtime default is still off as vm86 is only actually enabled if the sysctl vm.mmap_min_addr is set to 0. That said, allowing vm.mmap_min_addr=0 is a known security risk and enabling the vm86() syscall to operate additionally would add little value to any potential attacker.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1499089/+subscriptions
References