All redhat kernels contain the patch given below which disables
lcall7/lcall27. Why? I've heared from some people that these calls are
insecure or something like that. But what is the real problem with it?
Why mainstream kernel still keeps these calls then?
Kirill
diff -urNp linux-1130/arch/i386/kernel/traps.c
linux-10000/arch/i386/kernel/traps.c
--- linux-1130/arch/i386/kernel/traps.c
+++ linux-10000/arch/i386/kernel/traps.c
@@ -1021,9 +1021,10 @@ void __init trap_init(void)
* default LDT is a single-entry callgate to lcall7 for iBCS
* and a callgate to lcall27 for Solaris/x86 binaries
*/
+#if 0
set_call_gate(&default_ldt[0],lcall7);
set_call_gate(&default_ldt[4],lcall27);
-
+#endif
/*
* Should be a barrier for any external CPU state.
*/