Re: stop breaking dosemu (Re: x86/kconfig/32: Rename CONFIG_VM86 and default it to 'n')

[Stas Sergeev]

04.09.2015 13:09, Chuck Ebbert ÐÐÑÐÑ:
> On Fri, 4 Sep 2015 00:28:04 +0300
> Stas Sergeev <stsp@xxxxxxx> wrote:
> 
>> 03.09.2015 21:51, Austin S Hemmelgarn ÐÐÑÐÑ:
>>> There are servers out there that have this enabled and _never_ use it 
>>> at all,
>> Unless I am mistaken, servers usually use special flavour of the
>> distro (different from desktop install), where of course this will
>> be disabled _compile time_.
> Many (most?) distros use just one kernel for everything, because it's
> just too much work to have a separate flavor for servers.
But for example menuconfig promotes CONFIG_PREEMPT_NONE for server
and CONFIG_PREEMPT for desktop. Also perhaps server would need an
lts version rather than latest.
I wonder if RHEL Server offers the generic desktop-suited kernel
with vm86() enabled?

In any case, if there is some generic mechanism to selectively
disable syscalls at run-time for server, then vm86() is of course
a good candidate. I wonder how many other syscalls are currently
run-time controlled? (those that are not marked as an "attack surface"
and defaulted to Y; I suppose the "attack surface" is currently only vm86())
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/