From: Ben Greear <greearb@candelatech.com>
To: Jeff Garzik <garzik@havoc.gtf.org>
Cc: "David S. Miller" <davem@redhat.com>,
jd@epcnet.de, linux-kernel@vger.kernel.org
Subject: Re: AW: Re: AW: Re: VLAN and Network Drivers 2.4.x
Date: Wed, 24 Apr 2002 11:04:47 -0700 [thread overview]
Message-ID: <3CC6F3BF.8050504@candelatech.com> (raw)
In-Reply-To: <20020424.093515.82125943.davem@redhat.com> <721506265.avixxmail@nexxnet.epcnet.de> <20020424.095951.43413800.davem@redhat.com> <3CC6EBF1.9060902@candelatech.com> <20020424134933.A17852@havoc.gtf.org>
Jeff Garzik wrote:
> On Wed, Apr 24, 2002 at 10:31:29AM -0700, Ben Greear wrote:
>
>>Also, is there any good reason that we can't get at least a compile
>>time change into some of the drivers like tulip where we know we can
>>get at least MOST of the cards supported with a small change?
>>
>
> The tulip patch is butt-ugly - the oversized allocation isn't needed,
> and it just flat-out turns off large packet protection. That's really
> not what you want to do, even for the best tulip cards. If an oversized
> gram (non-VLAN) makes it into a network which such a patched tulip
> driver, you can DoS. So, I view the current tulip patch as unacceptable
> too -- for security reasons, we should not even take it as a compile
> time patch. (and I recommend against using that patch on production
> machines, for the same security reasons)
I can DOS a tulip card with very small packets too ;)
The oversized allocations can be removed from the patch since they
are not needed.
> The proper tulip patch does not need to change packet allocation size
> at all (it's already plenty big enough), and it needs to copy the RX
> fragment handling code from 8139cp (which is admittedly ugly, slow path)
> or write fresh fragment handling code. Along with that fragment
> handling code comes a safe way to do VLAN, and non-standard large MTUs
> in general.
In the general case, where the packets are only 1518 (ie no DoS or mis-configured
hardware is in effect), is there a need for the "ugly, slow path" code to run?
--
Ben Greear <greearb@candelatech.com> <Ben_Greear AT excite.com>
President of Candela Technologies Inc http://www.candelatech.com
ScryMUD: http://scry.wanfear.com http://scry.wanfear.com/~greear
next prev parent reply other threads:[~2002-04-24 18:04 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-04-24 15:09 VLAN and Network Drivers 2.4.x jd
2002-04-24 13:04 ` David S. Miller
2002-04-24 16:23 ` AW: " jd
2002-04-24 16:35 ` David S. Miller
2002-04-24 17:03 ` AW: " jd
2002-04-24 16:59 ` David S. Miller
2002-04-24 17:31 ` Ben Greear
2002-04-24 17:25 ` David S. Miller
2002-04-24 17:58 ` Ben Greear
2002-04-24 17:56 ` David S. Miller
2002-04-24 19:43 ` Ben Greear
2002-04-24 22:23 ` AW: " jd
2002-04-24 17:49 ` Jeff Garzik
2002-04-24 18:04 ` Ben Greear [this message]
2002-04-24 18:10 ` Jeff Garzik
2002-04-24 18:07 ` Matti Aarnio
2002-04-24 18:13 ` Jeff Garzik
2002-04-24 17:42 ` AW: " jd
2002-04-24 17:40 ` David S. Miller
2002-04-24 22:28 ` AW: " jd
2002-04-24 22:21 ` David S. Miller
2002-04-25 4:26 ` AW: Re: AW: Re: AW: Re: AW: Re: AW: Re: AW: Re: AW: [was: VLAN and Network Drivers 2.4.x] Dax Kelson
[not found] ` <200204242141.02957.bodnar42@phalynx.dhs.org>
2002-04-25 4:43 ` Ryan Cumming
2002-04-25 10:19 ` Matthias Andree
2002-04-25 13:45 ` AW: Re: AW: Re: AW: Re: AW: Re: AW: Re: VLAN and Network Drivers 2.4.x jd
2002-04-26 0:46 ` David S. Miller
2002-04-27 20:34 ` jd
2002-04-28 2:43 ` David S. Miller
2002-04-28 20:28 ` jd
2002-04-29 3:49 ` David S. Miller
2002-04-29 5:20 ` How to enable printk Wanghong Yuan
2002-04-28 6:33 ` Uilton Dutra
2002-04-29 6:33 ` Itai Nahshon
2002-04-29 6:52 ` Chris Wright
2002-04-29 11:37 ` David Woodhouse
2002-04-30 17:12 ` Denis Vlasenko
2002-04-30 12:55 ` David Woodhouse
2002-04-30 18:03 ` Denis Vlasenko
2002-04-30 13:14 ` David Woodhouse
2002-04-29 22:15 ` Accurately measure CPU cycles used by a program? thanks Wanghong Yuan
2002-04-29 22:22 ` J.A. Magallon
2002-04-30 16:30 ` Zach Brown
2002-05-10 23:49 ` Corey Minyard
2002-04-30 22:15 ` what replaces tq_scheduler in 2.4 Wanghong Yuan
2002-04-30 22:31 ` Andrew Morton
2002-05-02 15:44 ` Ingo Oeser
2002-05-03 0:13 ` Wanghong Yuan
2002-05-03 18:04 ` Andrew Morton
2002-05-01 6:41 ` suspend a thread in LKM Wanghong Yuan
2002-04-29 9:06 ` VLAN and Network Drivers 2.4.x jd
2002-04-25 10:20 ` Matthias Andree
2002-04-24 16:39 ` AW: " Pasi Kärkkäinen
2002-04-24 16:18 ` Ben Greear
2002-04-24 16:46 ` AW: " jd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3CC6F3BF.8050504@candelatech.com \
--to=greearb@candelatech.com \
--cc=davem@redhat.com \
--cc=garzik@havoc.gtf.org \
--cc=jd@epcnet.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox