[arch-dev-public] Kernel Feature request #24043
https://bugs.archlinux.org/task/24043 Hi shall we enable it too? Thanks for your opinion. greetings tpowa -- Tobias Powalowski Archlinux Developer & Package Maintainer (tpowa) http://www.archlinux.org tpowa@archlinux.org
On 03/05/11 15:26, Tobias Powalowski wrote:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion.
I am not very informed on kernel stuff so I could be wrong here... This seems a good idea for a what seems a minor(?) increase in security, but at the expense of making debugging kernel issues more difficult. I guess the people who want to attach gdb and debug the kernel are probably building their own from upstream git anyway, so I lean slightly on the side of enabling it. Allan
Am Tue, 03 May 2011 16:11:11 +1000 schrieb Allan McRae <allan@archlinux.org>:
On 03/05/11 15:26, Tobias Powalowski wrote:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion.
I am not very informed on kernel stuff so I could be wrong here...
This seems a good idea for a what seems a minor(?) increase in security, but at the expense of making debugging kernel issues more difficult. I guess the people who want to attach gdb and debug the kernel are probably building their own from upstream git anyway, so I lean slightly on the side of enabling it.
Allan
Generally I'm against adding more and more debugging stuff. This makes our kernel larger and slower. When users have a certain kernel issue they will need to rebuild and gitbisect custom kernels anyway where they can enable the required debug stuff. -Andy
On Tue, May 3, 2011 at 7:26 AM, Tobias Powalowski <t.powa@gmx.de> wrote:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion. greetings tpowa -- Tobias Powalowski Archlinux Developer & Package Maintainer (tpowa) http://www.archlinux.org tpowa@archlinux.org
I've been running this in my kernel without issues, so +1 for me.
On Tue, May 3, 2011 at 7:26 AM, Tobias Powalowski <t.powa@gmx.de> wrote:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion. greetings tpowa
Sounds like a good idea to me, and I have not heard of any problems with it. +1 from me. -t
Am 03.05.2011 07:26, schrieb Tobias Powalowski:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion. greetings tpowa
I am a bit concerned about the "slight performance impact" on x86_64. By now, we have enabled tons of features which have a "slight performance impact" (especially the debugging features that are needed for stuff like powertop). Doesn't that sum up to a huge performance impact by now? Has anyone ever looked at our config and made a list of everything with a "slight" impact? That said, I am generally in favor of protection from kernel exploits - there is no privilege separation in Linux kernel space at all. Once you can execute code there, you can do anything.
Am 03.05.2011 10:52, schrieb Thomas Bächler:
Am 03.05.2011 07:26, schrieb Tobias Powalowski:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion. greetings tpowa
I am a bit concerned about the "slight performance impact" on x86_64. By now, we have enabled tons of features which have a "slight performance impact" (especially the debugging features that are needed for stuff like powertop). Doesn't that sum up to a huge performance impact by now? Has anyone ever looked at our config and made a list of everything with a "slight" impact?
According to my last comment on the bug report, the statement about the "performance impact" is not part of the kernel help pages.
On Tue, May 3, 2011 at 11:02 AM, Thomas Bächler <thomas@archlinux.org> wrote:
Am 03.05.2011 10:52, schrieb Thomas Bächler:
Am 03.05.2011 07:26, schrieb Tobias Powalowski:
https://bugs.archlinux.org/task/24043
Hi shall we enable it too? Thanks for your opinion. greetings tpowa
I am a bit concerned about the "slight performance impact" on x86_64. By now, we have enabled tons of features which have a "slight performance impact" (especially the debugging features that are needed for stuff like powertop). Doesn't that sum up to a huge performance impact by now? Has anyone ever looked at our config and made a list of everything with a "slight" impact?
According to my last comment on the bug report, the statement about the "performance impact" is not part of the kernel help pages.
It seems to refer to a very old help text, so should hopefully not be an issue any more. -t
participants (6)
-
Allan McRae
-
Andreas Radke
-
Jan Steffens
-
Thomas Bächler
-
Tobias Powalowski
-
Tom Gundersen