lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20090430182339.GA16896@cuplxvomd02.corp.sa.net>
Date:	Thu, 30 Apr 2009 11:23:39 -0700
From:	David VomLehn <dvomlehn@...co.com>
To:	David Miller <davem@...emloft.net>
Cc:	netdev@...r.kernel.org
Subject: Re: [Patch 1/1][RFC] NETDEV: Find network bugs by validating the
	sk_buff state

On Thu, Apr 30, 2009 at 11:05:49AM -0700, David Miller wrote:
> From: David VomLehn <dvomlehn@...co.com>
> Date: Thu, 30 Apr 2009 10:59:13 -0700
> 
> > Your description is general enough that I may misunderstand your idea,
> > but it sounds like, if debugging was on, you'd be recording every call to
> > alloc_skb and kfree_skb in your table. This would use a lot of memory.
> > You can't simply have a circular list, because an sk_buff might be allocated
> > for a very long time before being used and you would overwrite its entry.
> > This would reduce the reliability of the information, which is the last thing
> > you want in a debugging tool. So, I'm considering approaches without this
> > drawback.
> 
> A developer trying to diagnose something is explicitly turning
> this on then trying to reproduce.  Since it's only on when wanted
> we can either 1) make it really large or 2) allow the sysctl itself
> to specify the table size.

There are two risks:
1.	You allocate so much memory that you perturb the behavior of the
	system and the bug you are looking for doesn't occur.
2.	You lose the data you are looking for, which is almost guaranteed to
	be something that is difficult to reproduce.

An approach that can avoid these from the start seems better. Right now, I
think such approaches exist.

David VomLehn
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ