Home page logo
/

wireshark logo Wireshark mailing list archives

Re: Enabling linux kernel jit compiler from dumpcap?
From: Jakub Zawadzki <darkjames-ws () darkjames pl>
Date: Sat, 24 Aug 2013 00:16:02 +0200

On Thu, Aug 22, 2013 at 08:45:06PM +0200, Jakub Zawadzki wrote:
On Thu, Aug 22, 2013 at 09:16:04AM -0700, Guy Harris wrote:

On Aug 22, 2013, at 4:46 AM, Anders Broman <anders.broman () ericsson com> wrote:

Should we add code to enable the JIT compiler from dumpcap?

Should I add code to enable the JIT compiler to libpcap while I'm at it?

Should the Linux kernel folks enable it by default?

I'm inclined to answer "yes" to all three questions.  I think the FreeBSD JIT compiler is enabled by default. 
I'm surprised that the Linux one isn't.

Security issue: http://mainisusuallyafunction.blogspot.com/2012/11/attacking-hardened-linux-systems-with.html

Also it's not perfect like BPF VM, check: https://lkml.org/lkml/2012/3/30/384a

Don't know if such instruction can happen in BPF filter generated by libpcap (Guy?).

If yes we should not enable in on kernels before it was fixed.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault