| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 10 Jan 2010 22:45:04 -0800 (PST) From: David Miller <davem@...emloft.net> To: romieu@...zoreil.com Cc: ben@...adent.org.uk, eric.dumazet@...il.com, nhorman@...driver.com, netdev@...r.kernel.org Subject: Re: [PATCH RFC] r8169: straighten out overlength frame detection (v3) From: Francois Romieu <romieu@...zoreil.com> Date: Mon, 11 Jan 2010 00:50:17 +0100 > Iff the FirstFrag and LastFrag bits can not be set on these packets, > it should be enough to (1) do the fragmented_frame test sooner and > return the descriptor to the chipset. Otherwise we can (2) take a > complete reset on the first suspect packet (whose pattern is more > specific) to stop the challenger here. > > FWIW, a netratelimited printk of the source mac address may help too. > > I am biased in favor of (2) as: > - it will not inhibit multi-desc packets > - the challenger is supposed to be in the LAN and can already hurt > quite a lot anyway > > Comments ? In my opinion if you reset, you give them more power. Instead of just dropping the next few frames, you allow them to cause a drop of how ever many RX frames can arrive during the reset period _PLUS_ the amount of other RX frames which were in the receive ring at the point of detection. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists