Subject: Re: transparent filtering and bridge(4)?
To: None <thorpej@wasabisystems.com>
From: Steven M. Bellovin <smb@research.att.com>
List: current-users
Date: 03/06/2002 23:17:20
In message <20020306200959.C1364@dhcp2.wlan.shagadelic.org>, Jason R Thorpe writes:
>On Wed, Mar 06, 2002 at 11:05:54PM -0500, Steven M. Bellovin wrote:
>
> > Now that's an interesting architectural challenge. I suspect that you
> > can't easily do that translation from the kernel (an upcall to gcc?),
> > but the ability to download arbitrary machine code isn't that different
> > than LKMs are now. I wonder if there's a way to safely and efficiently
> > have kernel processes that share a bit of address space, but not all.
>
>The BPF-to-C thing was just an experiment. My intent was to actually
>map BPF insns to native insns/millicode directly, skipping the C step.
>
Even so, that's a lot of machine-dependent code in the kernel. It
doesn't really strike me as the way to go. As I said, we already
permit LKM; is there an incremental risk?
--Steve Bellovin, http://www.research.att.com/~smb
Full text of "Firewalls" book now at http://www.wilyhacker.com
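The property the exchange above turns on, as an added example that is not part of the original message and is not NetBSD's bpf(4) code: the kernel can accept a BPF program from user space because it validates it first, which an LKM (or native code produced from BPF) does not get for free. The C below is my own illustration; cbpf_insn, cbpf_check, cbpf_run, make_frame and the two filter programs are names I chose, and the 34-byte Ethernet/IPv4 frame is constructed for the example. Opcode values follow the classic <net/bpf.h> encoding, but only the subset that an "ip and tcp" filter needs is implemented.

```c
/* Added example, not NetBSD's bpf(4) code: a minimal classic BPF validator and
 * interpreter.  Opcodes use the classic <net/bpf.h> encoding, but only the subset
 * an "ip and tcp" filter needs (ldh/ldb [k], jeq #k, ret) is implemented. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct cbpf_insn { uint16_t code; uint8_t jt; uint8_t jf; uint32_t k; };
#define BPF_CLASS(c) ((c) & 0x07)
#define BPF_LD   0x00
#define BPF_JMP  0x05
#define BPF_RET  0x06
#define BPF_SIZE(c) ((c) & 0x18)
#define BPF_H    0x08
#define BPF_B    0x10
#define BPF_ABS  0x20               /* load from absolute packet offset k */
#define BPF_JEQ  0x10               /* branch on A == k */
#define BPF_K    0x00               /* operand / return value is the constant k */
#define BPF_A    0x10               /* return the accumulator */
#define BPF_RVAL(c) ((c) & 0x18)
#define STMT(code, k)         { (code), 0, 0, (k) }
#define JUMP(code, k, jt, jf) { (code), (jt), (jf), (k) }
#define NINSN(f) (sizeof(f) / sizeof((f)[0]))

/* What makes it safe to accept a program from user space: implemented opcodes
 * only, every branch target (pc+1+jt, pc+1+jf) lies inside the program, and the
 * last instruction returns.  Branches only go forward and loads are bounds-checked,
 * so an accepted program cannot loop, escape itself or touch memory other than
 * the packet.  Returns 1 if the program is accepted. */
int cbpf_check(const struct cbpf_insn *p, size_t n)
{
    if (n == 0) return 0;
    for (size_t pc = 0; pc < n; pc++) {
        uint16_t c = p[pc].code;
        switch (BPF_CLASS(c)) {
        case BPF_LD:
            if (c != (BPF_LD | BPF_H | BPF_ABS) && c != (BPF_LD | BPF_B | BPF_ABS)) return 0;
            break;
        case BPF_JMP:
            if (c != (BPF_JMP | BPF_JEQ | BPF_K)) return 0;
            if (pc + 1 + p[pc].jt >= n || pc + 1 + p[pc].jf >= n) return 0;
            break;
        case BPF_RET:
            if (BPF_RVAL(c) != BPF_K && BPF_RVAL(c) != BPF_A) return 0;
            break;
        default: return 0;
        }
    }
    return BPF_CLASS(p[n - 1].code) == BPF_RET;
}

/* Run a validated program; returns the number of bytes to accept (0 = drop).
 * A load past the end of the packet drops it, as the bpf(4) interpreter does. */
uint32_t cbpf_run(const struct cbpf_insn *p, size_t n, const uint8_t *pkt, size_t len)
{
    uint32_t A = 0;
    for (size_t pc = 0; pc < n; ) {           /* terminates: branches only go forward */
        const struct cbpf_insn *i = &p[pc++];
        switch (BPF_CLASS(i->code)) {
        case BPF_LD:
            if (BPF_SIZE(i->code) == BPF_H) {
                if (i->k > len || len - i->k < 2) return 0;
                A = ((uint32_t)pkt[i->k] << 8) | pkt[i->k + 1];
            } else {
                if (i->k >= len) return 0;
                A = pkt[i->k];
            }
            break;
        case BPF_JMP: pc += (A == i->k) ? i->jt : i->jf; break;
        default:      return BPF_RVAL(i->code) == BPF_K ? i->k : A;   /* BPF_RET */
        }
    }
    return 0;
}

/* "ip and tcp" on Ethernet, as tcpdump -d emits it (jt/jf are relative offsets). */
static const struct cbpf_insn filter_ip_tcp[] = {
    STMT(BPF_LD | BPF_H | BPF_ABS, 12),             /* A = ethertype */
    JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0800, 0, 3),  /* not IPv4 -> ret 0 */
    STMT(BPF_LD | BPF_B | BPF_ABS, 23),             /* A = IP protocol */
    JUMP(BPF_JMP | BPF_JEQ | BPF_K, 6, 0, 1),       /* not TCP -> ret 0 */
    STMT(BPF_RET | BPF_K, 65535),
    STMT(BPF_RET | BPF_K, 0),
};
/* Same start, but the "not IPv4" branch lands past the end of the program. */
static const struct cbpf_insn filter_bad_jump[] = {
    STMT(BPF_LD | BPF_H | BPF_ABS, 12),
    JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0x0800, 0, 9),
    STMT(BPF_RET | BPF_K, 65535),
};

/* Constructed 34-byte frame: Ethernet header plus a minimal IPv4 header (IHL 5,
 * TTL 64) with the given ethertype and protocol number; returns its length. */
size_t make_frame(uint8_t *buf, uint16_t ethertype, uint8_t proto)
{
    memset(buf, 0, 34);
    buf[12] = ethertype >> 8; buf[13] = ethertype & 0xff;
    buf[14] = 0x45; buf[17] = 20; buf[22] = 64; buf[23] = proto;
    return 34;
}
```

cbpf_check accepts filter_ip_tcp and rejects filter_bad_jump; cbpf_run returns 65535 for a TCP-over-IPv4 frame from make_frame and 0 for a UDP frame, an ARP frame, or a frame truncated before the protocol byte. Every guarantee the validator and the bounds-checked loads give here is exactly what a translation of BPF to native instructions would have to reproduce in the emitted code, which is where the machine-dependent part of the risk discussed in this thread lives.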