Re: Overflow bugs in m_get &c.

To: tech-net%netbsd.org@localhost
Subject: Re: Overflow bugs in m_get &c.
From: mlelstv%serpens.de@localhost (Michael van Elst)
Date: Sat, 16 Jul 2022 20:33:38 -0000 (UTC)

riastradh%NetBSD.org@localhost (Taylor R Campbell) writes:

>3. If N > MLEN or MHLEN, the driver conditionally calls m_clget/MCLGET
>   to expand the space to MCLBYTES (typically 2048 but sometimes 1024
>   or 4096).

1024 would be strange, as most of the world asssumes that a cluster
can store an Ethernet packet of ~1500 bytes plus headers.

>  . If alignbytes + nbytes > MCLBYTES, extends m with MEXTMALLOC.

Traditionally mbufs exist, because they can be allocated and freed
in the network interrupt and don't fragment memory. That's true for
regular mbufs and clusters, but not for extended allocations.

Lots of limitations are implied, like "buffer is big enough for
everything" and "buffers are sufficiently aligned", without checking
these details for every operatioon. The code was created in a time
when every cycle counted.

If you keep that distinction but try to hide it, I would guess this
mostly adds overhead without making the code safer.

Follow-Ups:
- Re: Overflow bugs in m_get &c.
  - From: Taylor R Campbell

References:
- Overflow bugs in m_get &c.
  - From: Taylor R Campbell

Prev by Date: Overflow bugs in m_get &c.
Next by Date: Re: Overflow bugs in m_get &c.
Previous by Thread: Overflow bugs in m_get &c.
Next by Thread: Re: Overflow bugs in m_get &c.
Indexes:

Home | Main Index | Thread Index | Old Index