Linux Today: Linux News On Internet Time.

Fun with NULL pointers, part 1

Jul 31, 2009, 07:32
(Other stories by Jonathan Corbet)

"The TUN/TAP driver provides a virtual network device which performs packet tunneling; it's useful in a number of situations, including virtualization, virtual private networks, and more. In normal usage of the TUN driver, a program will open /dev/net/tun, then make an ioctl() call to set up the network endpoints. Herbert Xu recently noticed a problem where a lack of packet accounting could let a hostile application pin down large amounts of kernel memory and generally degrade system performance. His solution was a patch which adds a "pseudo-socket" to the device which can be used by the kernel's accounting mechanisms. Problem solved, but, as it turns out, at the cost of adding a more severe problem.

"The TUN device supports the poll() system call. The beginning of the function implementing this functionality (in 2.6.30) looks like this:"
