VIA/ACE PadLock integration with crypto(9).
Pawel Jakub Dawidek
pjd at FreeBSD.org
Fri Aug 19 20:49:31 GMT 2005
On Fri, Aug 19, 2005 at 11:23:56AM -0400, Mike Tancsa wrote:
+> At 12:20 PM 18/08/2005, Pawel Jakub Dawidek wrote:
+> >+> It probably worth a security advisory.
+> >It's only a local DoS on systems with crypto HW and /dev/crypto.
+> >Note that /dev/crypto is not needed for fast_ipsec(4) with HW
+> >acceleration, nor for geli(8).
+> >Workaround is also very simple:
+> > # chmod 600 /dev/crypto
+> I have been running with the patch on a RELENG_4 box and it prevents the DoS
+> Any chance to MFC it back to RELENG_4 ?
Pawel Jakub Dawidek http://www.wheel.pl
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20050819/2a77ec04/attachment.bin
More information about the freebsd-current