On Tue, 20 Sep 2016 09:45:28 -0700
Alexei Starovoitov <alexei.starovoi...@gmail.com> wrote:
> To your other question:
> > Please explain why a eBPF program error (div by zero) must be a silent
> > drop?
> because 'div by zero' is an abnormal situation that shouldn't be exploited.
> Meaning if xdp program is doing DoS prevention and it has a bug that
> attacker can now exploit by sending a crafted packet that causes
> 'div by zero' and kernel will warn then attack got successful.
> Therefore it has to be silent drop.
Understood and documented:
Our current solution is not very optimal, it only result in onetime
WARN_ONCE() see bpf_warn_invalid_xdp_action(). But is should not be
affected by the DoS attack scenario you described.
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
Author of http://www.iptv-analyzer.org