Wireshark · Wireshark-dev: Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?

Wireshark-dev: Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?

From: Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx>

Date: Sat, 24 Aug 2013 00:16:02 +0200

On Thu, Aug 22, 2013 at 08:45:06PM +0200, Jakub Zawadzki wrote:
> On Thu, Aug 22, 2013 at 09:16:04AM -0700, Guy Harris wrote:
> > 
> > On Aug 22, 2013, at 4:46 AM, Anders Broman <anders.broman@xxxxxxxxxxxx> wrote:
> > 
> > > Should we add code to enable the JIT compiler from dumpcap?
> > 
> > Should I add code to enable the JIT compiler to libpcap while I'm at it?
> > 
> > Should the Linux kernel folks enable it by default?
> > 
> > I'm inclined to answer "yes" to all three questions.  I think the FreeBSD JIT compiler is enabled by default. 
> > I'm surprised that the Linux one isn't.
> 
> Security issue: http://mainisusuallyafunction.blogspot.com/2012/11/attacking-hardened-linux-systems-with.html

Also it's not perfect like BPF VM, check: https://lkml.org/lkml/2012/3/30/384a

Don't know if such instruction can happen in BPF filter generated by libpcap (Guy?).

If yes we should not enable in on kernels before it was fixed.

Follow-Ups:
- Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
  - From: Guy Harris

References:
- [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
  - From: Anders Broman
- Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
  - From: Guy Harris
- Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
  - From: Jakub Zawadzki

Prev by Date: Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
Next by Date: Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
Previous by thread: Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
Next by thread: Re: [Wireshark-dev] Enabling linux kernel jit compiler from dumpcap?
Index(es):
- Date
- Thread