CVS commit: src

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src
From: "Maxime Villard" <maxv%netbsd.org@localhost>
Date: Sat, 8 Feb 2020 07:07:07 +0000

Module Name:    src
Committed By:   maxv
Date:           Sat Feb  8 07:07:07 UTC 2020

Modified Files:
        src/share/man/man4: options.4
        src/share/mk: bsd.sys.mk
        src/sys/arch/amd64/conf: ALL GENERIC
        src/sys/arch/amd64/include: param.h
        src/sys/conf: files ssp.mk
        src/sys/kern: files.kern subr_pool.c sys_syscall.c
        src/sys/sys: systm.h
        src/sys/uvm: uvm_km.c
Removed Files:
        src/sys/arch/amd64/include: kleak.h
        src/sys/kern: subr_kleak.c
        src/usr.sbin/kleak: Makefile kleak.c

Log Message:
Retire KLEAK.

KLEAK was a nice feature and served its purpose; it allowed us to detect
dozens of info leaks on the kernel->userland boundary, and thanks to it we
tackled a good part of the infoleak problem 1.5 years ago.

Nowadays however, we have kMSan, which can detect uninitialized memory in
the kernel. kMSan supersedes KLEAK: it can detect what KLEAK was able to
detect, but in addition, (1) it operates in all of the kernel and not just
the kernel->userland boundary, (2) it requires no user interaction, and (3)
it is deterministic and not statistical.

That makes kMSan the feature of choice to detect info leaks nowadays;
people interested in detecting info leaks should boot a kMSan kernel and
just wait for the magic to happen.

KLEAK was a good ride, and a fun project, but now is time for it to go.

Discussed with several people, including Thomas Barabosch.


To generate a diff of this commit:
cvs rdiff -u -r1.507 -r1.508 src/share/man/man4/options.4
cvs rdiff -u -r1.298 -r1.299 src/share/mk/bsd.sys.mk
cvs rdiff -u -r1.144 -r1.145 src/sys/arch/amd64/conf/ALL
cvs rdiff -u -r1.560 -r1.561 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.1 -r0 src/sys/arch/amd64/include/kleak.h
cvs rdiff -u -r1.35 -r1.36 src/sys/arch/amd64/include/param.h
cvs rdiff -u -r1.1254 -r1.1255 src/sys/conf/files
cvs rdiff -u -r1.4 -r1.5 src/sys/conf/ssp.mk
cvs rdiff -u -r1.42 -r1.43 src/sys/kern/files.kern
cvs rdiff -u -r1.2 -r0 src/sys/kern/subr_kleak.c
cvs rdiff -u -r1.265 -r1.266 src/sys/kern/subr_pool.c
cvs rdiff -u -r1.12 -r1.13 src/sys/kern/sys_syscall.c
cvs rdiff -u -r1.292 -r1.293 src/sys/sys/systm.h
cvs rdiff -u -r1.153 -r1.154 src/sys/uvm/uvm_km.c
cvs rdiff -u -r1.1 -r0 src/usr.sbin/kleak/Makefile src/usr.sbin/kleak/kleak.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/usr.sbin/altq/altqstat
Next by Date: CVS commit: src/sys/dev/pci
Previous by Thread: CVS commit: src/usr.sbin/altq/altqstat
Next by Thread: CVS commit: src/sys/dev/pci
Indexes:

Home | Main Index | Thread Index | Old Index