On Thu, Mar 25, 2021 at 08:46:10PM -0600, Theo de Raadt wrote: > Balder Oddson <ola...@gmail.com> wrote: > > > On Thu, Mar 25, 2021 at 03:40:15PM -0600, Theo de Raadt wrote: > > > Stuart Henderson <s...@spacehopper.org> wrote: > > > > > > > > Not having read the code, case in point on principle, I'm arguing that > > > > > there should be solid reasoning to enable it by default, as those > > > > > with a > > > > > need for it can certainly enable it and build a kernel. > > > > > > > > It's not that simple, using a custom kernel means you can't use > > > > syspatches > > > > so are more likely to stay on a vulnerable version if a kernel bug is > > > > fixed. > > > > > > I am perfectly happy if Balder is running a custom kernel. > > > > I am also happy if your kernel finds good use for the compression and > > deflation code, perhaps fiddling with microcode can be of use to make > > sure there is no instruction or data prefetch involved. > > > > Many interesting points about the immediate consequences for the code, > > perhapts its re-used and touching too many things? > > To summarize for the public, Balder is insinuating that the PPP > (historical CSLIP) compression code might be a security risk; apparently > to bolster his case that we should remove it from the kernel because it > (maybe) harms his strange usage case.
So I had a weird experience at the release of 6.8. Went to the BSD blog reporting on Nannis hackathon report. Found that one of the pages were blocked by pf-badhost. When I rebooted, a loud "pop" sound occured before the bootloader and the machine powered off (t430s). This made me curious because I actually had newer firmware with a fix for the EC firmware, wondering if something had tried to place itself there. > Your proposed change will go nowhere, and increasing rhetoric is not > helping the case. > > Balder, please got shove a fork or spoon into your eye and leave us > alone. Furthermore if perforate both eyes, you won't need to see the > code again!!! This is not an experience where I can complain that machines crash in specific racks everytime they turn aggregates for the cooling system on and off, and whether someone can measure the power and look for sharp spikes in the current propagating backwards where no UPS or protection against it is in place. Not sure if all good choices can be found in the code.
