[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: BPF_MISC+BPF_COP and BPF_COPX
I think it's slightly unfair to propose a new extension for BPF
without any in-tree users.
Is this going to be some external commercial coprocessor?
On 4 August 2013 12:55, Mindaugas Rasiukevicius <rmind%netbsd.org@localhost>
> Rui Paulo <rpaulo%felyko.com@localhost> wrote:
>> > Comments?
>> Why do you need this in the first place?
> It provides us a capability to offload more complex packet processing.
> My primary user would be NPF in NetBSD, e.g. one of the operations is to
> lookup an IP address in a table/ipset.
>> Are you sure this is a safe design? Adding this functionality to BPF
>> makes me a little nervous as an error in the implementation leads to
>> kernel code execution (I could be able to call random kernel functions).
> This is functionality is for a custom use of BPF. There would be no
> coprocessor by default and the instruction would essentially be a NOP.
> Perhaps I was not clear on bpf_set_cop(9) - it is a kernel routine, so
> the user would be a kernel subsystem which has a full control over the
> functions it provides. The functions are predetermined, not random.
> freebsd-net%freebsd.org@localhost mailing list
> To unsubscribe, send any mail to
Main Index |
Thread Index |