
Re: Dropping 386 support



On Sun, 03 Oct 2004 11:59:33 +0200, Martin Schulze wrote:
[...]
> 
> I've read the patch from within the source package.  If I read it
> correctly, the three instructions will only be emulated if the CPU
> raised an 'illegal instruction' exception.  Hence, the emulation will
> only run on real i386 machines but not on i486 and above.  Hence, the
> security problems Arjan mentioned only affect real i386 machines.
> 

That is correct; the patch is only vulnerable if one of those three
instructions (bswap, cmpxchg, or xadd) generates a SIGILL.  That we know
of, anyways (there's always the possibility that some logic bug exists in
the regs->eip processing, but nothing I noticed w/ a cursory glance).


> Since, only real i386 machines are affected from these security issues,
> and they couldn't be supported at all otherwise, I'd say go with the
> security problems but document them in the release notes.
> 

I'd like to see them documented elsewhere, so that people upgrading from
woody get a big fat warning that the kernel they're about to install has
security holes (if and only if their machine lacks the capability to
handle bswap/cmpxchg/xadd).


> I'd be glad if we could include a working patch, of course.
> 

The more I think about it, the more I like the idea of having this in
userspace; instead of having people upgrade to a new kernel before
allowing glibc to upgrade, we could simply have an ld preloaded library
that gets installed (or, include it right in glibc?).  No reboot, no need
to hassle users.. But, I'm not willing to implement that, and I haven't
seen it anywhere.

<http://www-sop.inria.fr/geometrica/team/Sylvain.Pion/progs/mmx-emu/> has
the mmx stuff Alan mentioned.


> It's better to tell admins to kick off the users of their i386 boxes
> than throw them away, imho.
> 
> Regards,
> 
> 	Joey



