Subject: Fix for bug in PF_KEY marshalling, socket-buffer overflow
To: None <tech-net@NetBSD.org>
From: Jonathan Stone <jonathan@dsg.stanford.edu>
List: tech-net
Date: 05/20/2004 21:01:54
In message <E1BQcFP-0004D5-00@smeg.dsg.stanford.edu> Jonathan Stone writes
>
>In message <E1BQbUu-00049J-00@smeg.dsg.stanford.edu> Jonathan Stone writes

>[Problems with PF_KEY being an unreliable channel, leading to
>marshalling bugs with PF_KEY dump requests]

[... create new ``overdraft'' socket flag ]

>Then, rework the PF_KEY dump implementation to prebuild a single huge
>chain, with each entry in a separate `packet'.  Rework or replace
>key_sendup() to drop that single monster chain directly onto the
>receive buffer of just the socket who requested the dump.

I have a proof-of-concept implementation of this approach which works
for dumping SPD entries in FAST_IPSEC and in the FreeBSD 4-stable
FAST_IPSEC. It needs cleaning up before posting here; but it works
perfectly for dumping tens of thousands of SPD entries via PF_KEY.

I will post it here for review, as soon as it's cleaned up.  Any
comments on the aspect of ignoring socket-buffer limits
(at least for the short term) for PF_KEY?