[PATCH v7] ARM: net: JIT compiler for packet filters
Mircea Gherzan
mgherzan at gmail.com
Thu Mar 15 03:23:43 EDT 2012
Am 13.02.2012 17:02, schrieb Russell King - ARM Linux:
> On Mon, Feb 13, 2012 at 04:36:29PM +0100, Mircea Gherzan wrote:
>> Gentle ping. This patch has been in the tracking system for over a
>> month. Is there any reason not to apply it in arm/for-next?
>
> Yes. It needs quite a review to make sure that there's absolutely no
> possibility for userspace to be able to generate malicious ARM code
> and then have it executed. Or put it another way: security paranoia.
Are there any specific security aspects you're thinking of? Leaks to
userspace, divisions by zero and invalid packet offsets are already
taken care of.
> I'm afraid that I've not been able to look at it at all yet, and I
> haven't seen anyone looking at the code from that aspect.
Thanks,
Mircea
More information about the linux-arm-kernel
mailing list