VIA/ACE PadLock integration with crypto(9).
Pawel Jakub Dawidek
pjd at FreeBSD.org
Wed Aug 17 14:02:46 GMT 2005
On Tue, Aug 16, 2005 at 03:53:26PM -0400, Mike Tancsa wrote:
+> >Ok, I committed a fix to HEAD.
+> >Here is the patch:
+> > http://people.freebsd.org/~pjd/patches/rijndael.patch
+> Perhaps a lame question, but would it be possible to craft such a packet from the outside world to send as a DoS ?
No, you need to be able to setup wrong key locally.
Is local DoS possible? Here answer is more complex and short version is
"I believe it is not.".
Long version: The bug is in kernel rijndael software code.
You cannot setup wrong key via crypto(4), because you can use it only
if crypto hardware is available.
Another method to configure software crypto from userland is setkey(8),
but you need uid 0 for this.
Pawel Jakub Dawidek http://www.wheel.pl
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20050817/027a016c/attachment.bin
More information about the freebsd-current