making SCTP loadable and removing it from GENERIC
Michael Tuexen
tuexen at freebsd.org
Thu Jul 9 15:42:05 UTC 2020
> On 9. Jul 2020, at 17:13, Mark Johnston <markj at freebsd.org> wrote:
>
> Hi,
>
> I spent some time working on making it possible to load the SCTP stack
> as a kernel module, the same as we do today with IPSec. There is one
> patch remaining to be committed before that can be done in head. One
> caveat is that the module can't be unloaded, as some work is needed to
> make this safe. However, this obviously isn't a regression.
>
> The work is based on the observations that:
> 1) the in-kernel SCTP stack is not widely used (I know that the same
> code is used in some userland applications), and
> 2) the SCTP stack is quite large, most FreeBSD kernel developers are
> unfamiliar with it, and bugs in it can easily lead to security holes.
>
> Michael has done a lot of work to fix issues in the SCTP code,
> particularly those found by syzkaller, but given that in-kernel SCTP has
> few users (almost certainly fewer than IPSec), it seems reasonable to
> require users to opt in to having an SCTP stack with a simple "kldload
> sctp". Thus, once the last patch is committed I would like to propose
> removing "options SCTP" from GENERIC kernel configs in head, replacing
> it with "options SCTP_SUPPORT" to enable sctp.ko to be loaded.
>
> I am wondering if anyone has any objections to or concerns about this
> proposal. Any feedback is appreciated.
Hi Mark,
maybe it is acceptable to document user visible changes. This could include
* parameter tunings in /etc/sysctl.conf are only applied if the SCTP module
is loaded from /etc/loader.conf.
* If the module is not loaded yet, a user must have root privileges to run
a program using SCTP sockets.
Best regards
Michael
More information about the freebsd-net
mailing list