Re: Proposal: Disable autoload of compat_xyz modules

To: Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost>, tech-kern%NetBSD.org@localhost
Subject: Re: Proposal: Disable autoload of compat_xyz modules
From: Maxime Villard <max%m00nbsd.net@localhost>
Date: Tue, 1 Aug 2017 13:12:38 +0200

Le 31/07/2017 à 23:39, Taylor R Campbell a écrit :

Many of our binary compatibility modules are notoriously ridden with
bugs.  We currently have no way to automatically test them.  Some of
them are maintained; some of them are not.  The value of having NetBSD
automatically try to execute a SCO Unix binary, for example, seems
rather weak compared to the security risk of the attack surface.

So I propose to exclude all non-NetBSD, non-ELF/a.out compat modules
from autoloading by exec, and remove them from all GENERIC kernels.
Under this proposal, if you want them in your system, you can add them
to your kernel config or modload them explicitly.


Yes, that's the right thing to do.

I haven't rechecked, but as far as I remember, there will be some issues with
the compat layers that have several #ifdefs deep into the machdep code.

Apart from that, several files could usefully be moved into the appropriate
compat_xyz directory, instead of polluting sys/arch/. For example:

	sys/arch/amd64/amd64/linux_*    ->   sys/compat/linux/arch/amd64/
	sys/arch/amd64/amd64/linux32_*  ->   sys/compat/linux32/arch/amd64/

This would provide a better encapsulation.

Follow-Ups:
- Re: Proposal: Disable autoload of compat_xyz modules
  - From: Jaromír Doleček

References:
- Proposal: Disable autoload of compat_xyz modules
  - From: Taylor R Campbell

Prev by Date: Re: ndis [was Re: Proposal: Disable autoload of compat_xyz modules]
Next by Date: Re: kmem_alloc(0, f)
Previous by Thread: Re: Proposal: Disable autoload of compat_xyz modules
Next by Thread: Re: Proposal: Disable autoload of compat_xyz modules
Indexes:

Home | Main Index | Thread Index | Old Index