Re: FreeBSD-specific denial of service

From: Cy Schubert - ITSD Open Systems Group (Cy.Schubertat_private)
Date: Fri Sep 24 1999 - 07:32:40 PDT

    In message <Pine.BSF.4.10.9909241652530.35644-100000at_private>,
    Adrian Penisoara writes:
    > Hi,
    >
    > On Tue, 21 Sep 1999, Charles M. Hannum wrote:
    >
    > > [Resending once, since it's been 10.5 days...]
    > >
    > > Here's an interesting denial-of-service attack against FreeBSD >=3.0
    > > systems.  It abuses a flaw in the `new' FreeBSD vfs_cache.c; it has no
    > > way to purge entries unless the `vnode' (e.g. the file) they point to
    > > is removed from memory -- which generally doesn't happen unless a
    > > certain magic number of `vnodes' is in use, and never happens when the
    > > `vnode' (i.e. file) is open.  Thus it's possible to chew up an
    > > arbitrary amount of wired kernel memory relatively simply.
    > >
    >
    >  Seems to be fixed in CVS version 1.38.2.3 of vfs_cache.c for RELENG_3
    > branch (meaning 3.3-STABLE) -- could you please check again ?
    >
    >  Commit log:
    >
    >    Limit aliases to a vnode in the namecache to a sysctl tunable
    >    'vfs.cache.maxaliases'. This protects against a DoS via thousands of
    >    hardlinks to a file wiring down all kernel memory.
    
    In other words this has been fixed in 3.3-RELEASE.
    
    
    Regards,                       Phone:  (250)387-8437
    Cy Schubert                      Fax:  (250)387-5766
    Open Systems Group          Internet:  Cy.Schubertat_private
    ITSD                                   Cy.Schubertat_private
    Province of BC
                          "e**(i*pi)+1=0"
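
The effect of the alias cap named in the quoted commit log, as an added example that is not part of this message and is not FreeBSD's code: a user-space C model comparing how many cache entries one open file can pin with and without a per-vnode limit. The struct and function names and the oldest-first eviction policy are assumptions made for illustration.

```c
/* User-space model of a per-vnode alias cap; NOT FreeBSD's vfs_cache.c.
 * All names and the oldest-first eviction policy are assumptions. */
#include <stdio.h>
#include <stdlib.h>
struct ncentry {                  /* one cached name pointing at a vnode */
    struct ncentry *next;         /* next (newer) alias of the same vnode */
};
struct vnode_model {              /* stands in for an open file's vnode */
    struct ncentry *head, *tail;  /* its aliases, oldest first */
    unsigned naliases;
};

/* Free the oldest alias of vp; caller guarantees naliases > 0. */
static void zap_oldest(struct vnode_model *vp) {
    struct ncentry *old = vp->head;
    vp->head = old->next;
    if (vp->head == NULL) vp->tail = NULL;
    free(old);
    vp->naliases--;
}

/* Cache one more name (maxaliases == 0: no cap); returns alias count, 0 on failure. */
unsigned cache_enter_model(struct vnode_model *vp, unsigned maxaliases) {
    struct ncentry *ncp = calloc(1, sizeof(*ncp));
    if (ncp == NULL) return 0;
    while (maxaliases != 0 && vp->naliases >= maxaliases)
        zap_oldest(vp);           /* make room instead of growing */
    if (vp->tail != NULL)
        vp->tail->next = ncp;
    else
        vp->head = ncp;
    vp->tail = ncp;
    return ++vp->naliases;
}

/* Resolve nlinks hardlink names of one open file; return entries held. */
unsigned simulate(unsigned nlinks, unsigned maxaliases) {
    struct vnode_model vp = {0};
    for (unsigned i = 0; i < nlinks; i++)
        if (cache_enter_model(&vp, maxaliases) == 0) break;
    unsigned held = vp.naliases;
    while (vp.naliases != 0)
        zap_oldest(&vp);
    return held;
}

int main(void) {
    printf("uncapped: %u, capped at 4: %u\n", simulate(10000, 0), simulate(10000, 4));
    return 0;
}
```

Without a cap the entries held grow linearly with the number of names resolved; with a cap they stay at the limit however many links exist.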
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:05:02 PDT