Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM

To: 834791@bugs.debian.org
Subject: Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM
From: Ben Hutchings <ben@decadent.org.uk>
Date: Mon, 22 Aug 2016 00:41:24 +0100
Message-id: <[🔎] 1471822884.13300.130.camel@decadent.org.uk>
Reply-to: Ben Hutchings <ben@decadent.org.uk>, 834791@bugs.debian.org
In-reply-to: <[🔎] 20160819052157.GA17798@lorien.valinor.li>
References: <147118320112.2113.4578147884579144942.reportbug@eldamar.local> <20160815125943.ihfkqpm2gpcqutpi__15273.0018985041$1471266281$gmane$org@aurel32.net> <slrnnr9n2i.nqk.jmm@inutil.org> <[🔎] 20160819052157.GA17798@lorien.valinor.li>

On Fri, 19 Aug 2016 07:21:57 +0200 Salvatore Bonaccorso <carnil@debian.org> wrote:
> Source: linux
> Version: 3.16.7-ckt7-1
> Severity: wishlist
> 
> On Wed, Aug 17, 2016 at 11:51:14PM +0200, Moritz Mühlenhoff wrote:
> > Aurelien Jarno <aurelien@aurel32.net> schrieb:
> > > On 2016-08-14 16:00, Salvatore Bonaccorso wrote:
> > >> Package: release.debian.org
> > >> Severity: normal
> > >> Tags: jessie
> > >> User: release.debian.org@packages.debian.org
> > >> Usertags: pu
> > >> 
> > >> Dear SRM
> > >> 
> > >> I would like to propose the following hardening to src:gnupg2 which was
> > >> found during the analysis of a vulnerability report to the security team
> > >> and related to
> > >> https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf
> > >> and developed by NIIBE Yutaka. The underlying problem in hardware cannot
> > >> be solved in software (and thus we don't want to issue a DSA for it, and
> > >> give possibly this false impression), and as pointed out by Florian
> > >
> > > I wonder if it would be a good idea to release an announcement without
> > > any software change recommending people to not enable KSM on their
> > > hosts?
> > 
> > I think a NEWS file for the kernel would be best?
> 
> Okay. Let's open a Bug for src:linux for this.

I disagree with this proposal.

- The issue is unrelated to any change in this package (or any package),
  so it doesn't belong in NEWS
- This is not a Debian-specific issue so it also doesn't belong in
  README.Debian (and no-one is likely to notice changes there anyway)
- Since KSM is not enabled by default, any notice about it during
  upgrades would be a nuisance to the majority of users that do not use
  it

Also, the issue is in practice mitigated by ECC DRAM (not eliminated,
but note that the results in the paper are based on a system without
ECC).

I think that a DSA is a more effective way to let system administrators
know about this issue.  We already issue DSAs for other reasons than
software updates, for example when withdrawing security support for
some package.

Also, if there is VM management software in Debian that can enable KSM,
that software should not do so by default and should warn that this
carries a risk.

Ben.

-- 
Ben Hutchings
Quantity is no substitute for quality, but it's the only one we've got.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#834505: arm64 boot failure with large physical memory range
Next by Date: Bug#834505: arm64 boot failure with large physical memory range
Previous by thread: Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM
Next by thread: Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM
Index(es):
- Date
- Thread