Module Name: src
Committed By: maxv
Date: Fri Jul 28 13:59:07 UTC 2017
Modified Files:
src/sys/arch/i386/conf: GENERIC
Log Message:
Disable vm86 by default. The use case is limited, and the potential for
damage is too high.
This code is fragile, and relies on a certain number of assumptions, some
of which are not be totally true. For example, it relies on the fact that
a 16bit process cannot perform a syscall, but verily it can. The slighest
confusion in the trap frame can lead to ring0 exploits. Also, I'm not
convinced that it interacts well with the compatibility layers.
To generate a diff of this commit:
cvs rdiff -u -r1.1157 -r1.1158 src/sys/arch/i386/conf/GENERIC
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/i386/conf/GENERIC
diff -u src/sys/arch/i386/conf/GENERIC:1.1157 src/sys/arch/i386/conf/GENERIC:1.1158
--- src/sys/arch/i386/conf/GENERIC:1.1157 Wed Jul 12 17:40:34 2017
+++ src/sys/arch/i386/conf/GENERIC Fri Jul 28 13:59:07 2017
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.1157 2017/07/12 17:40:34 maxv Exp $
+# $NetBSD: GENERIC,v 1.1158 2017/07/28 13:59:07 maxv Exp $
#
# GENERIC machine description file
#
@@ -22,12 +22,12 @@ include "arch/i386/conf/std.i386"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.1157 $"
+#ident "GENERIC-$Revision: 1.1158 $"
maxusers 64 # estimated number of users
# CPU-related options.
-options VM86 # virtual 8086 emulation
+#options VM86 # virtual 8086 emulation
options USER_LDT # user-settable LDT; used by WINE
#options PAE # PAE mode (36 bits physical addressing)
