lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 10 Jan 2010 22:45:04 -0800 (PST)
From:	David Miller <davem@...emloft.net>
To:	romieu@...zoreil.com
Cc:	ben@...adent.org.uk, eric.dumazet@...il.com, nhorman@...driver.com,
	netdev@...r.kernel.org
Subject: Re: [PATCH RFC] r8169: straighten out overlength frame detection
 (v3)

From: Francois Romieu <romieu@...zoreil.com>
Date: Mon, 11 Jan 2010 00:50:17 +0100

> Iff the FirstFrag and LastFrag bits can not be set on these packets,
> it should be enough to (1) do the fragmented_frame test sooner and
> return the descriptor to the chipset. Otherwise we can (2) take a
> complete reset on the first suspect packet (whose pattern is more
> specific) to stop the challenger here.
> 
> FWIW, a netratelimited printk of the source mac address may help too.
> 
> I am biased in favor of (2) as:
> - it will not inhibit multi-desc packets
> - the challenger is supposed to be in the LAN and can already hurt
>   quite a lot anyway
> 
> Comments ?

In my opinion if you reset, you give them more power.

Instead of just dropping the next few frames, you allow them
to cause a drop of how ever many RX frames can arrive during
the reset period _PLUS_ the amount of other RX frames which
were in the receive ring at the point of detection.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists