tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: BPF_MISC+BPF_COP and BPF_COPX



I think it's slightly unfair to propose a new extension for BPF
without any in-tree users.

Is this going to be some external commercial coprocessor?



-adrian


On 4 August 2013 12:55, Mindaugas Rasiukevicius <rmind%netbsd.org@localhost> 
wrote:
> Rui Paulo <rpaulo%felyko.com@localhost> wrote:
>> >
>> > Comments?
>>
>>
>> Why do you need this in the first place?
>
> It provides us a capability to offload more complex packet processing.
> My primary user would be NPF in NetBSD, e.g. one of the operations is to
> lookup an IP address in a table/ipset.
>
>> Are you sure this is a safe design? Adding this functionality to BPF
>> makes me a little nervous as an error in the implementation leads to
>> kernel code execution (I could be able to call random kernel functions).
>
> This is functionality is for a custom use of BPF.  There would be no
> coprocessor by default and the instruction would essentially be a NOP.
> Perhaps I was not clear on bpf_set_cop(9) - it is a kernel routine, so
> the user would be a kernel subsystem which has a full control over the
> functions it provides.  The functions are predetermined, not random.
>
> --
> Mindaugas
> _______________________________________________
> freebsd-net%freebsd.org@localhost mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to 
> "freebsd-net-unsubscribe%freebsd.org@localhost"


Home | Main Index | Thread Index | Old Index