tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [patch] bug fix & TCP networking performance improvements

[kauth in inet6] said:
> I am not sure what the engineer who added this hunk meant when he
> added the comment "I am not going to try and really fix this" above
> that hunk of code

This code is clearly - hmm - unfinished. The new check
is just inserted after the old suser check, so it can't do
anything for you if the suser check already failed. Also,
half of the commands for which the check is done are no-ops
(or EINVALs) anyway.
I'd suggest to keep the kauth stuff seperate for now; it
is unrelated anyway and it needs some care.

So I've tried the patch. When I enabled vtw on the running
system, it locked up hard immediately. Enabled it early
before going multiuser and the boot succeeded. But when
I closed an outgoing TCP connection I got a diagnostic
panic because kmem_alloc() was called in softint context.
(from tcp_input() iirc -- had to find that savecore(8)
doesn't work anymore if the running kernel is not that
which produced the crashdump)
The (e)gid changes in the netstat(1) patch don't work.
The kmem egid is given up too early and an open
of /dev/mem fails later.

best regards

Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDirig Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt

Besuchen Sie uns auf unserem neuen Webauftritt unter

Home | Main Index | Thread Index | Old Index