Date: Fri, 21 Jan 2000 21:02:11 -0700 From: Brett Glass <brett@lariat.org> To: Alfred Perlstein <bright@wintelcom.net>, Matthew Dillon <dillon@apollo.backplane.com> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, security@FreeBSD.ORG Subject: Re: stream.c worst-case kernel paths Message-ID: <4.2.2.20000121205951.01a58bb0@localhost> In-Reply-To: <20000121194609.A19536@fw.wintelcom.net> References: <200001212353.PAA64927@apollo.backplane.com> <7263.948497709@critter.freebsd.dk> <200001212353.PAA64927@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:46 PM 1/21/2000 , Alfred Perlstein wrote: >Please look at tcp_input, notice the "goto drop" and "goto >dropwithreset" jumps, they are scattered throught and after some >pretty close examination (no tests yet) I've been able to see that >we can signifigantly move the tcp checksum farther into the path. One of the first things the routine does is look for a socket that matches the TCP header. This relies on the port numbers and control bits, which are covered by the checksum. This is the hard limit on how long you can defer the checksum. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000121205951.01a58bb0>