On Thu, Mar 25, 2021 at 03:40:15PM -0600, Theo de Raadt wrote: > Stuart Henderson <s...@spacehopper.org> wrote: > > > > Not having read the code, case in point on principle, I'm arguing that > > > there should be solid reasoning to enable it by default, as those with a > > > need for it can certainly enable it and build a kernel. > > > > It's not that simple, using a custom kernel means you can't use syspatches > > so are more likely to stay on a vulnerable version if a kernel bug is fixed. > > I am perfectly happy if Balder is running a custom kernel.
I am also happy if your kernel finds good use for the compression and deflation code, perhaps fiddling with microcode can be of use to make sure there is no instruction or data prefetch involved. Many interesting points about the immediate consequences for the code, perhapts its re-used and touching too many things?
