bge0: discard frame w/o packet header
Kip Macy
kip.macy at gmail.com
Thu Feb 15 21:50:18 UTC 2007
> > Either way it sounds like someone has discovered a DOS in bge.
>
> No, it just about has to be a bug -- either in the mbuf allocator, the
> driver, or the NIC hardware. M_PKTHDR is a flag in the mbuf header,
> an area that isn't touched by packet data. The driver allocates
> all of its receive mbufs with the M_PKTHDR flag set. There's no
> legitimate way for the flag to get cleared, and nothing coming in on
> the wire should be able to cause it to be cleared.
I mean a bug in if_bge.c - there are a lot of ways that this could
happen - not calling M_GETHDR, mis-calling m_pullup etc.
-Kip
More information about the freebsd-net
mailing list