Andres Salomon wrote:
> Hi,
> The kernel team is considering dropping 386 support (the 80386
> processor, not the i386 arch) from Debian.  Currently, in order to
> support 386, we include a 486 emulation patch (the patch can be viewed
> from here:
> <http://svn.debian.org/viewcvs/kernel/trunk/kernel/source/kernel-source-2.6..8-2.6.8/debian/patches/x86-i486_emu.dpatch>).
> The patch is a requirement for 386 machines, as debian's gcc
> generates binaries with 486 opcodes.  This patch is known to be
> buggy (see bug #250468), and is considered unreleasable.  The
> members of the kernel team don't have the hardware, time, and/or
> desire to fix it, and the upstream author is too busy to fix it.  As
> d-i rc2 is about to be released (and that is presumably what sarge
> will release with), we need to make the decision what to do.  We
> have two options; we can either keep the patch in, risk releasing
> sarge w/ 386 support containing known security holes, and hope
> someone fixes the problem soon; or, we can drop 386 support
> completely.

I've read the patch from within the source package.  If I read it
correctly, the three instructions will only be emulated if the CPU
raised an 'illegal instruction' exception.  Hence, the emulation will
only run on real i386 machines but not on i486 and above.  Hence, the
security problems Arjan mentioned only affect real i386 machines.

Since only real i386 machines are affected by these security
issues, and they couldn't be supported at all otherwise, I'd say go
with the security problems but document them in the release notes.

I'd be glad if we could include a working patch, of course.

It's better to tell admins to kick off the users of their i386 boxes
than throw them away, imho.



