lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20120908030311.GM17289@tassilo.jf.intel.com>
Date:	Fri, 7 Sep 2012 20:03:11 -0700
From:	Andi Kleen <ak@...ux.intel.com>
To:	George Bakos <gbakos@...inista.org>
Cc:	Jay Schulist <jschlst@...ba.org>, netdev@...r.kernel.org
Subject: Re: [tcpdump-workers] Modular arithmetic

On Fri, Sep 07, 2012 at 07:49:10AM +0000, George Bakos wrote:
> Gents,
> Any fundamental reason why the following (, etc.) shouldn't be
> included in net/core/filter.c?
> 
>                 case BPF_S_ALU_MOD_X:
>                         if (X == 0)
>                                 return 0;
>                         A %= X;
>                         continue;

Copying netdev.

In principle no reason against it, but you may need to update
the various BPF JITs too that Linux now has too.

-Andi

> 
> Cheers,
> g
> 
> On Thu, 6 Sep 2012 01:02:32 -0700
> Guy Harris <guy@...m.mit.edu> wrote:
> 
> > 
> > On Sep 6, 2012, at 12:36 AM, George Bakos wrote:
> > 
> > > $  tcpdump -nvr /tmp/DG2-test2 '(ip[2:2] - 20) % 5 != 0 && ip[6] &
> > > 0x20 = 0x20' 
> > > 
> > > reading from file /tmp/DG2-test2, link-type EN10MB (Ethernet)
> > > 19:01:51.270202 IP (tos 0x0, ttl 64, id 1, offset 40, flags [+],
> > > proto ICMP (1), length 61) 192.168.11.5 > 192.168.11.46: ip-proto-1
> > > 
> > > (000) ldh      [12]
> > > (001) jeq      #0x800           jt 2	jf 10
> > > (002) ldh      [16]
> > > (003) sub      #20
> > > (004) mod      #5
> > > (005) jeq      #0x0             jt 10	jf 6
> > 
> > OK, so you presumably added a BPF_MOD instruction to the BPF interpreter as part of your changes, right?  There's none in libpcap's bpf_filter.c nor in a fairly recent FreeBSD kernel's bpf_filter.c nor in Linux 3.0.4's net/core/filter.c, so that code won't work with at least those interpreters.
> > 
> > _______________________________________________
> > tcpdump-workers mailing list
> > tcpdump-workers@...ts.tcpdump.org
> > https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
> 
> 
> -- 

-- 
ak@...ux.intel.com -- Speaking for myself only
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ