Module Name: src Committed By: snj Date: Fri Aug 25 05:53:12 UTC 2017
Modified Files: src/sys/arch/i386/conf [netbsd-8]: GENERIC Log Message: Pull up following revision(s) (requested by maxv in ticket #230): sys/arch/i386/conf/GENERIC: revision 1.1158 Disable vm86 by default. The use case is limited, and the potential for damage is too high. This code is fragile, and relies on a certain number of assumptions, some of which are not be totally true. For example, it relies on the fact that a 16bit process cannot perform a syscall, but verily it can. The slighest confusion in the trap frame can lead to ring0 exploits. Also, I'm not convinced that it interacts well with the compatibility layers. To generate a diff of this commit: cvs rdiff -u -r1.1156.2.2 -r1.1156.2.3 src/sys/arch/i386/conf/GENERIC Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/arch/i386/conf/GENERIC diff -u src/sys/arch/i386/conf/GENERIC:1.1156.2.2 src/sys/arch/i386/conf/GENERIC:1.1156.2.3 --- src/sys/arch/i386/conf/GENERIC:1.1156.2.2 Tue Aug 1 23:18:30 2017 +++ src/sys/arch/i386/conf/GENERIC Fri Aug 25 05:53:12 2017 @@ -1,4 +1,4 @@ -# $NetBSD: GENERIC,v 1.1156.2.2 2017/08/01 23:18:30 snj Exp $ +# $NetBSD: GENERIC,v 1.1156.2.3 2017/08/25 05:53:12 snj Exp $ # # GENERIC machine description file # @@ -22,12 +22,12 @@ include "arch/i386/conf/std.i386" options INCLUDE_CONFIG_FILE # embed config file in kernel binary -#ident "GENERIC-$Revision: 1.1156.2.2 $" +#ident "GENERIC-$Revision: 1.1156.2.3 $" maxusers 64 # estimated number of users # CPU-related options. -options VM86 # virtual 8086 emulation +#options VM86 # virtual 8086 emulation options USER_LDT # user-settable LDT; used by WINE #options PAE # PAE mode (36 bits physical addressing)