tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Overflow bugs in m_get &c.

> Date: Sat, 16 Jul 2022 21:34:21 -0000 (UTC)
> From: (Michael van Elst)
> (Taylor R Campbell) writes:
> >What's your alternative proposal to systematically and confidently
> >eliminate this class of bugs exposing vulnerabilities to the network?
> I'd start by removing all the open-coded mbuf code or the special
> handling of m_pkghdr, and to provide proper rules on what sizes and
> alignments are required in the different parts of the stack.
> As a result, we could probably simplify the zoo of mbuf operations.
> I'd also would make visible only one type of mbufs, no clusters, no
> external memory, except for attaching mbufs to bus_dma memory.
> All this will surely not be something that can automatically applied
> to the tree, and I wouldn't rush it out before a release.

I agree that sounds considerably more ambitious.

What I'm proposing is introducing new functions that don't _require_
any rototill but instead _enable_ incrementally pulling up fixes to
eliminate a class of bugs and reduce copypasta across drivers -- and
getting this in before the branch will make that easier.

Home | Main Index | Thread Index | Old Index