Re: CVS commit: src/sys

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Thu, Jun 15, 2017 at 07:12:41AM +0200, Maxime Villard wrote:
> Le 14/06/2017 à 20:07, Manuel Bouyer a écrit :
> > On Wed, Jun 14, 2017 at 05:48:41PM +0000, Maxime Villard wrote:
> > > Module Name:	src
> > > Committed By:	maxv
> > > Date:		Wed Jun 14 17:48:41 UTC 2017
> > > 
> > > Modified Files:
> > > 	src/sys/arch/x86/x86: pmc.c
> > > 	src/sys/secmodel/suser: secmodel_suser.c
> > > 	src/sys/sys: kauth.h
> > > 
> > > Log Message:
> > > Make the PMC syscalls privileged.
> > 
> > I though the consensus was to have it controlled by a sysctl ?
> > 
> 
> Sysctl? I didn't hear about that consensus

There were several strong objections to our change in this thread:
http://mail-index.netbsd.org/tech-kern/2017/03/28/msg021705.html

I proposed to have a sysctl to turn on/off the restriction,
mouse proposed a compile-time option.
in
http://mail-index.netbsd.org/tech-kern/2017/03/28/msg021710.html
you wrote
"My original plan was to use a sysctl - as suggested by Manuel. One to
enable/disable the feature, another to log the segfaults."

There was no more comments about the sysctl so, for me, implementing
the feature with a sysctl to turn it off is OK.

in any case, from this thread implementing this restriction without
any way to turn it off is not acceptable.

BTW, it should probably be a SIGILL, not a a SIGSEGV

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--