Re: [ 10/25] x86, espfix: Make it possible to disable 16-bit support

[Willy Tarreau]

On Mon, Dec 08, 2014 at 02:58:54AM +0000, Ben Hutchings wrote:
> On Sat, 2014-12-06 at 18:41 +0100, Willy Tarreau wrote:
> > 2.6.32-longterm review patch.  If anyone has any objections, please let me know.
> > 
> > ------------------
> > 
> > From: "H. Peter Anvin" <hpa@xxxxxxxxx>
> > 
> > commit 34273f41d57ee8d854dcd2a1d754cbb546cb548f upstream.
> > 
> > Embedded systems, which may be very memory-size-sensitive, are
> > extremely unlikely to ever encounter any 16-bit software, so make it
> > a CONFIG_EXPERT option to turn off support for any 16-bit software
> > whatsoever.
> > 
> > Signed-off-by: H. Peter Anvin <hpa@xxxxxxxxx>
> > Link: http://lkml.kernel.org/r/1398816946-3351-1-git-send-email-hpa@xxxxxxxxxxxxxxx
> > Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> > Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
> > (cherry picked from 3.2 commit 70d87cbbd92a3611655b39003176ee1033796bf7)
> > [wt: backport notes for 2.6.32 :
> >   - Fixed arch/x86/kernel/ldt.c (no IS_ENABLED on 2.6.32).
> >   - No CONFIG_EXPERT condition in 2.6.32.
> > /wt]
> [...]
> 
> It used to be called CONFIG_EMBEDDED, so you could s/EXPERT/EMBEDDED/,
> but it doesn't matter much.

I hesitated on this one and thought that EMBEDDED was currently not selected
by most server configs and users would not necessarily think about enabling
it to discover the new option, since it was made for a different purpose. In
the end, presenting the new option to users is not a bad thing considering
that the purpose is to help them improve their security.

Regards,
Willy

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/