From: Michael Tremer
To: development@lists.ipfire.org
Subject: Re: [PATCH 1/2] linux: Disable io_uring
Date: Sat, 14 Oct 2023 12:40:57 +0100

Hello Peter,

> On 13 Oct 2023, at 10:03, Peter Müller wrote:
>
> This subsystem has been a frequent source of security vulnerabilities
> affecting the Linux kernel; as a result, Google announced on June 14,
> 2023, that they would disable it in their environment as widely as
> possible.
>
> IPFire does not depend on the availability of io_uring. Therefore,
> disable this subsystem as well in order to preemptively cut attack
> surface.

Do we not? I do not see how this would affect IPFire.

> See also: https://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html

"While io_uring brings performance benefits, and promptly reacts to security issues with comprehensive security fixes (like backporting the 5.15 version to the 5.10 stable tree), it is a fairly new part of the kernel. As such, io_uring continues to be actively developed, but it is still affected by severe vulnerabilities and also provides strong exploitation primitives. For these reasons, we currently consider it safe only for use by trusted components."

We technically only run "trusted components". I could not find any means by which these issues can be exploited remotely. Do you have any reports/vulnerabilities that I have missed?

>
> Signed-off-by: Peter Müller
> ---
> config/kernel/kernel.config.aarch64-ipfire | 3 +--
> config/kernel/kernel.config.x86_64-ipfire | 3 +--
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
> index 96944c3d5..0d7c1ba8a 100644
> --- a/config/kernel/kernel.config.aarch64-ipfire
> +++ b/config/kernel/kernel.config.aarch64-ipfire
> @@ -229,7 +229,7 @@ CONFIG_TIMERFD=y
> CONFIG_EVENTFD=y
> CONFIG_SHMEM=y
> CONFIG_AIO=y
> -CONFIG_IO_URING=y
> +# CONFIG_IO_URING is not set
> CONFIG_ADVISE_SYSCALLS=y
> CONFIG_MEMBARRIER=y
> CONFIG_KALLSYMS=y
> @@ -7824,7 +7824,6 @@ CONFIG_NLS_MAC_TURKISH=m
> CONFIG_NLS_UTF8=m
> # CONFIG_DLM is not set
> # CONFIG_UNICODE is not set
> -CONFIG_IO_WQ=y
> # end of File systems
>
> #
> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
> index 129e0d209..48fdbd8ff 100644
> --- a/config/kernel/kernel.config.x86_64-ipfire
> +++ b/config/kernel/kernel.config.x86_64-ipfire
> @@ -249,7 +249,7 @@ CONFIG_TIMERFD=y
> CONFIG_EVENTFD=y
> CONFIG_SHMEM=y
> CONFIG_AIO=y
> -CONFIG_IO_URING=y
> +# CONFIG_IO_URING is not set
> CONFIG_ADVISE_SYSCALLS=y
> CONFIG_MEMBARRIER=y
> CONFIG_KALLSYMS=y
> @@ -7047,7 +7047,6 @@ CONFIG_DLM=m
> # CONFIG_DLM_DEPRECATED_API is not set
> # CONFIG_DLM_DEBUG is not set
> # CONFIG_UNICODE is not set
> -CONFIG_IO_WQ=y
> # end of File systems
>
> #

This patch is missing the change for the RISC-V kernel configuration.

-Michael

> --
> 2.35.3
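Review bot: in the first hunk of each file, turning CONFIG_IO_URING=y into `# CONFIG_IO_URING is not set` makes io_uring_setup(2), io_uring_enter(2) and io_uring_register(2) fail with ENOSYS at runtime, and nothing in the build will flag a userspace package that still expects them; the commit message asserts that IPFire does not depend on io_uring but does not say how that was established, so state in the message which packages were checked (anything linked against liburing or issuing those syscalls directly) so a reviewer can verify the claim instead of taking it on trust.

Review bot: in the `# end of File systems` hunks, deleting `-CONFIG_IO_WQ=y` without adding a `# CONFIG_IO_WQ is not set` line is the right form, because CONFIG_IO_WQ has no prompt and only exists while CONFIG_IO_URING selects it; the diffstat (`2 files changed`) shows this pair of edits was applied only to the aarch64 and x86_64 configs, and, as the reply in this thread already points out, the remaining per-architecture kernel.config under config/kernel/ (RISC-V) still needs the same two changes or io_uring stays enabled there.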
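A way to confirm on a booted kernel that the `# CONFIG_IO_URING is not set` change actually took effect, and to tell that apart from io_uring merely being fenced off by a seccomp filter or the kernel.io_uring_disabled sysctl, as an added C example that is not part of this thread or of the IPFire tree (the probe_io_uring name, the state enum and the local copy of the io_uring_params layout are this example's own; it assumes a Linux kernel and a standard libc):

```c
/*
 * probe_io_uring.c: ask the running kernel for a minimal io_uring and classify
 * the answer.  Added example for this thread, not IPFire code.
 */
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* io_uring_setup is syscall 425 on every architecture that has it; older libc
 * headers may lack the constant, so fall back to the number. */
#ifndef __NR_io_uring_setup
#define __NR_io_uring_setup 425
#endif

/* Local mirror of struct io_uring_params from <linux/io_uring.h> (120 bytes),
 * so this builds without the kernel UAPI headers.  The kernel copies exactly
 * this many bytes in and rejects non-zero reserved fields, so it is zeroed
 * before the call. */
struct probe_io_uring_params {
    uint32_t sq_entries, cq_entries, flags, sq_thread_cpu, sq_thread_idle;
    uint32_t features, wq_fd, resv[3];
    uint32_t sq_off[10];   /* struct io_sqring_offsets, 40 bytes */
    uint32_t cq_off[10];   /* struct io_cqring_offsets, 40 bytes */
};
_Static_assert(sizeof(struct probe_io_uring_params) == 120,
               "layout must match the UAPI struct io_uring_params");

enum io_uring_state {
    IO_URING_AVAILABLE,    /* setup succeeded: compiled in and usable */
    IO_URING_COMPILED_OUT, /* ENOSYS: kernel built with CONFIG_IO_URING unset */
    IO_URING_BLOCKED,      /* EPERM/EACCES: compiled in, refused by seccomp or
                              by the io_uring_disabled sysctl (6.6 and later) */
    IO_URING_OTHER         /* any other failure, e.g. ENOMEM from RLIMIT_MEMLOCK
                              on kernels before 5.12; see the saved errno */
};

/* Request a one-entry ring with no flags and immediately release it; only the
 * verdict is of interest.  The errno of a failed call is stored in *saved_errno
 * (0 on success) when the pointer is non-NULL. */
enum io_uring_state probe_io_uring(int *saved_errno)
{
    struct probe_io_uring_params p;
    long fd;
    int err;

    memset(&p, 0, sizeof p);
    fd = syscall(__NR_io_uring_setup, 1, &p);
    if (fd >= 0) {
        close((int)fd);
        if (saved_errno)
            *saved_errno = 0;
        return IO_URING_AVAILABLE;
    }
    err = errno;
    if (saved_errno)
        *saved_errno = err;
    switch (err) {
    case ENOSYS:
        return IO_URING_COMPILED_OUT;
    case EPERM:
    case EACCES:
        return IO_URING_BLOCKED;
    default:
        return IO_URING_OTHER;
    }
}

const char *io_uring_state_name(enum io_uring_state s)
{
    switch (s) {
    case IO_URING_AVAILABLE:    return "available";
    case IO_URING_COMPILED_OUT: return "compiled out (CONFIG_IO_URING not set)";
    case IO_URING_BLOCKED:      return "blocked by policy";
    case IO_URING_OTHER:        return "unavailable for another reason";
    }
    return "?";
}

int main(void)
{
    int err = 0;
    enum io_uring_state s = probe_io_uring(&err);

    printf("io_uring: %s", io_uring_state_name(s));
    if (err)
        printf(" (io_uring_setup: %s)", strerror(err));
    printf("\n");
    /* Exit 0 only when the subsystem is genuinely absent from the kernel, so
     * the probe can gate a kernel-build pipeline. */
    return s == IO_URING_COMPILED_OUT ? 0 : 1;
}
```

With the symbol compiled out, the kernel's cond_syscall stub answers io_uring_setup(2) with ENOSYS, whereas a seccomp filter or the kernel.io_uring_disabled sysctl answer EPERM; the probe keeps the two apart so that a passing result means the code is not in the kernel at all, which is the attack-surface reduction the patch is after, rather than merely fenced off for the calling process.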