From: mgherzan@gmail.com (Mircea Gherzan)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v7] ARM: net: JIT compiler for packet filters
Date: Thu, 15 Mar 2012 08:23:43 +0100 [thread overview]
Message-ID: <4F6198FF.90801@gmail.com> (raw)
In-Reply-To: <20120213160248.GA25655@n2100.arm.linux.org.uk>
Am 13.02.2012 17:02, schrieb Russell King - ARM Linux:
> On Mon, Feb 13, 2012 at 04:36:29PM +0100, Mircea Gherzan wrote:
>> Gentle ping. This patch has been in the tracking system for over a
>> month. Is there any reason not to apply it in arm/for-next?
>
> Yes. It needs quite a review to make sure that there's absolutely no
> possibility for userspace to be able to generate malicious ARM code
> and then have it executed. Or put it another way: security paranoia.
Are there any specific security aspects you're thinking of? Leaks to
userspace, divisions by zero and invalid packet offsets are already
taken care of.
> I'm afraid that I've not been able to look at it at all yet, and I
> haven't seen anyone looking at the code from that aspect.
Thanks,
Mircea
WARNING: multiple messages have this Message-ID (diff)
From: Mircea Gherzan <mgherzan@gmail.com>
To: Russell King - ARM Linux <linux@arm.linux.org.uk>
Cc: linux-arm-kernel@lists.infradead.org, netdev@vger.kernel.org,
eric.dumazet@gmail.com, davem@davemloft.net
Subject: Re: [PATCH v7] ARM: net: JIT compiler for packet filters
Date: Thu, 15 Mar 2012 08:23:43 +0100 [thread overview]
Message-ID: <4F6198FF.90801@gmail.com> (raw)
In-Reply-To: <20120213160248.GA25655@n2100.arm.linux.org.uk>
Am 13.02.2012 17:02, schrieb Russell King - ARM Linux:
> On Mon, Feb 13, 2012 at 04:36:29PM +0100, Mircea Gherzan wrote:
>> Gentle ping. This patch has been in the tracking system for over a
>> month. Is there any reason not to apply it in arm/for-next?
>
> Yes. It needs quite a review to make sure that there's absolutely no
> possibility for userspace to be able to generate malicious ARM code
> and then have it executed. Or put it another way: security paranoia.
Are there any specific security aspects you're thinking of? Leaks to
userspace, divisions by zero and invalid packet offsets are already
taken care of.
> I'm afraid that I've not been able to look at it at all yet, and I
> haven't seen anyone looking at the code from that aspect.
Thanks,
Mircea
next prev parent reply other threads:[~2012-03-15 7:23 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-07 11:52 [PATCH v7] ARM: net: JIT compiler for packet filters Mircea Gherzan
2012-01-09 7:14 ` Eric Dumazet
2012-01-09 8:58 ` Mircea Gherzan
2012-02-13 15:36 ` Mircea Gherzan
2012-02-13 15:36 ` Mircea Gherzan
2012-02-13 16:02 ` Russell King - ARM Linux
2012-02-13 16:02 ` Russell King - ARM Linux
2012-03-15 7:23 ` Mircea Gherzan [this message]
2012-03-15 7:23 ` Mircea Gherzan
2012-03-15 11:41 ` Russell King - ARM Linux
2012-03-16 7:53 ` Mircea Gherzan
2012-03-16 7:53 ` Mircea Gherzan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F6198FF.90801@gmail.com \
--to=mgherzan@gmail.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.