On Tue, 7 Jan 2003, Nate Lawson wrote:
> On Tue, 7 Jan 2003, Bosko Milekic wrote:
[...]
> > An "attacker" might as well just
> > rely on temperature to guess at how to interpret what he/she's seeing
> > in those few bytes. The data in our case is probably DMA'd straight
> > out of the mb
On Tue, 7 Jan 2003, Bosko Milekic wrote:
> On Tue, Jan 07, 2003 at 02:15:02PM -0800, Nate Lawson wrote:
> > The short of it is that if a tx packet is < 64 bytes (min ethernet frame
> > len), data can be leaked if the driver transmits 64 bytes. It seems our
> > use of mbufs would prevent leakage bu
Doug,
| >I've run into this bug since about 4.6-stable of some time. I use netgraph
| >to connect to a tap device in vmnet mode since in vmnet mode it is
| >persistan. In tap mode if comes and goes depending on whether or not I
| >have the device open. Anyways I couldn't get data to come in th
On Tue, Jan 07, 2003 at 02:15:02PM -0800, Nate Lawson wrote:
> The short of it is that if a tx packet is < 64 bytes (min ethernet frame
> len), data can be leaked if the driver transmits 64 bytes. It seems our
> use of mbufs would prevent leakage but I haven't examined any drivers to
> verify thi
Might FreeBSD suffer from this issue?
Do all our drivers pad packets with zero octets properly?
http://www.kb.cert.org/vuls/id/412115
http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT
Doug,
I've run into this bug since about 4.6-stable of some time. I use netgraph
to connect to a tap device in vmnet mode since in vmnet mode it is
persistan. In tap mode if comes and goes depending on whether or not I
have the device open. Anyways I couldn't get data to come in the vmnet
node
The short of it is that if a tx packet is < 64 bytes (min ethernet frame
len), data can be leaked if the driver transmits 64 bytes. It seems our
use of mbufs would prevent leakage but I haven't examined any drivers to
verify this.
http://www.atstake.com/research/advisories/2003/atstake_etherleak_
In message: <[EMAIL PROTECTED]>
Andrew Gallatin <[EMAIL PROTECTED]> writes:
:
: M. Warner Losh writes:
: > In message: <[EMAIL PROTECTED]>
: > Andrew Gallatin <[EMAIL PROTECTED]> writes:
: > : The IFNET_RLOCK() called in if_slowtimo() is a global lock for the
: > : list
I've run into this bug since about 4.6-stable of some time. I use netgraph
to connect to a tap device in vmnet mode since in vmnet mode it is
persistan. In tap mode if comes and goes depending on whether or not I
have the device open. Anyways I couldn't get data to come in the vmnet
node through
M. Warner Losh writes:
> In message: <[EMAIL PROTECTED]>
> Andrew Gallatin <[EMAIL PROTECTED]> writes:
> : The IFNET_RLOCK() called in if_slowtimo() is a global lock for the
> : list of ifnet structs to ensure that no devices are removed or added
> : while something may be using i
User route add default x.x.x.x -ifp iface
On Sun, 5 Jan 2003, Lars Eggert wrote:
> On 1/5/2003 1:26 PM, randall ehren wrote:
> >
> > how can i assign the default gateway to use fxp0 instead?
>
> route delete default
> route add default A.B.C.D
>
> As described in the man page.
>
> Lars
> --
>
In message: <[EMAIL PROTECTED]>
Andrew Gallatin <[EMAIL PROTECTED]> writes:
: The IFNET_RLOCK() called in if_slowtimo() is a global lock for the
: list of ifnet structs to ensure that no devices are removed or added
: while something may be using it. There is one ifnet list in the syst
I'm trying to get mpd running beside ipfilter within the same box but
i'm getting strange behavior.
I've got ipfilter to:
pass (in|out) tcp/1723 and gre protocol on the outside interface
pass (in|out) all on ng*
and other rules that let pass something and block with log the rest.
When i try to ist
M. Warner Losh writes:
<..>
> However in if_slowtimo we have:
>
> if_slowtimo(arg)
> {
> ... IFNET_RLOCK();
> ... if (ifp->if_watchdog)
> (*ifp->if_watchdog)(ifp);
> ... IFNET_RUNLOCK();
> }
>
> and dc_watchdog does a DC_LOCK/UNLOCK pair). This is a Lo
I was right (and I think you are too). We do have lock issues.
dc_attach does approximately:
DC_LOCK
ether_attach() (which does a IFNET_WLOCK/UNLOCK pair)
DC_UNLOCK
(this sets the lock order to be DC_LOCK, IFNET_WLOCK).
However in if_slowtimo we have:
if_slowtimo(arg)
{
... IFNET_RLOCK()
In message: <[EMAIL PROTECTED]>
Terry Lambert <[EMAIL PROTECTED]> writes:
: "M. Warner Losh" wrote:
: > In message: <[EMAIL PROTECTED]>
: > Nate Lawson <[EMAIL PROTECTED]> writes:
: > : I was looking into some "could sleep messages" and found some bogus
: > : locking in the
"M. Warner Losh" wrote:
> In message: <[EMAIL PROTECTED]>
> Nate Lawson <[EMAIL PROTECTED]> writes:
> : I was looking into some "could sleep messages" and found some bogus
> : locking in the attach routine of many drivers. Several init a mtx in
> : their softc and then lock/unlock it i
17 matches
Mail list logo
