VIA/ACE PadLock integration with crypto(9).

Pawel Jakub Dawidek pjd at
Fri Aug 19 20:49:31 GMT 2005

On Fri, Aug 19, 2005 at 11:23:56AM -0400, Mike Tancsa wrote:
+> At 12:20 PM 18/08/2005, Pawel Jakub Dawidek wrote:
+> >+>
+> >+> It probably worth a security advisory.
+> >It's only a local DoS on systems with crypto HW and /dev/crypto.
+> >Note that /dev/crypto is not needed for fast_ipsec(4) with HW
+> >acceleration, nor for geli(8).
+> >Workaround is also very simple:
+> >        # chmod 600 /dev/crypto
+> FYI,
+>          I have been running with the patch on a RELENG_4 box and it prevents the DoS
+> Any chance to MFC it back to RELENG_4 ?


Pawel Jakub Dawidek             
pjd at                 
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-current mailing list