On 29/12/16 07:27, David Holland wrote: > On Wed, Dec 28, 2016 at 07:32:05PM +0000, Taylor R Campbell wrote: > > It's true that moving the kauth call expanded the attack surface a > > little bit. Now we have to worry about: > > When I saw the original commit I wondered it if it was an information > leak. Maybe it's not, but that's certainly a fourth consideration.
You can get the information from other ways, modstat works fine on mips. Whether this is in itself a bug is a separate issue. However, it's a royal PITA to use just to work out if a module is loaded. Considering that the NPF logic is thus: 1) Load BPFJIT Module 2) If error != EEXIST warn that NPF performance will be impacted because it cannot load BPFJIT Moving to a more modular world (which based on PaulG's work we are) then adding an extra step to check existence prior to loading is more complexity per module loading code. Simply checking for EPERM won't fly either because that error can be returned and the module is not loaded. Now, from an IRC discussion it was also pointed out that my target platform (ERLITE) does not support loading modules. My retort is that this makes it even more important to fix the warning NPF generates because we have to compile it into the kernel directly to eliminate the warning. But without my patch this fails and confuddles the end user. This echos the human/computer interaction argument Taylor made earlier. Roy