On Thu, Nov 07, 2013 at 10:46:37AM -0200, Henrique de Moraes Holschuh wrote: > Package: linux > Severity: normal > Tags: security > > Please refer to: > https://lkml.org/lkml/2013/11/5/448 > https://lkml.org/lkml/2013/11/6/633 > > The issue is not yet closed in LKML, but basically OABI_COMPAT enabled seems > to be a danger: at least seccomp and audit should not be used with OABI, and > to top it off it is not "free" as far as performance goes, either: a fair > amount of added complexity, and an extra D-cache miss on every syscall.
AUDITSYSCALL cannot be enabled if OABI_COMPAT is enabled. I wasn't aware of the problem with seccomp mode 2 but I agree it's serious. I doubt there's any significant demand for OABI_COMPAT and I already disabled it for some of the size-constrained armel flavours. I'll wait for input from the ARM porters, but I think it would be reasonable to disable it for the rest. Ben. -- Ben Hutchings It is easier to change the specification to fit the program than vice versa. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
