d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
21bac31e55
freebsd-nq/sys
History
Warner Losh 173c0f9f5c Mitigate the stream.c attacks 
o Drop all broadcast and multicast source addresses in tcp_input.
o Enable ICMP_BANDLIM in GENERIC.
o Change default to 200/s from 100/s.  This will still stop the attack, but
  is conservative enough to do this close to code freeze.

This is not the optimal patch for the problem, but is likely the least
intrusive patch that can be made for this.

Obtained from: Don Lewis and Matt Dillon.
Reviewed by: freebsd-security
2000-01-28 06:13:09 +00:00
..
alpha Mitigate the stream.c attacks 2000-01-28 06:13:09 +00:00
amd64 Mitigate the stream.c attacks 2000-01-28 06:13:09 +00:00
boot Implement a machine-independent (word size-independent) FICL_TRUE. 2000-01-28 03:59:12 +00:00
cam Because we added 4 bytes to the inquiry data size, we need to 2000-01-25 21:24:52 +00:00
coda Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 05:07:58 +00:00
compat Fix handling of svr4_sigsets, which are implemented in SysVR4 as a sequence 2000-01-15 15:38:17 +00:00
compile
conf IPv6 multicast routing. 2000-01-28 05:10:56 +00:00
contrib During fastpath processing for removal of a short-lived inode, the 2000-01-18 01:33:05 +00:00
crypto Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 05:07:58 +00:00
ddb Add a new sysctl "debug.enter_debugger" (when the kernel is compiled 2000-01-27 22:27:34 +00:00
dev Add support for detection of the ESS 1688 found on my Dell Latitude LM 2000-01-28 04:28:11 +00:00
fs Supported non-512 bytes/sector format. 2000-01-27 14:43:07 +00:00
geom Cleanup some remaining bdev fluff. 2000-01-16 09:25:10 +00:00
gnu Give vn_isdisk() a second argument where it can return a suitable errno. 2000-01-10 12:04:27 +00:00
i4b update to isdn4bsd beta release 0.90 1999-12-14 20:54:38 +00:00
i386 Mitigate the stream.c attacks 2000-01-28 06:13:09 +00:00
isa * Don't use ivars to access resources, bus_set/get_resource is much better. 2000-01-25 22:21:45 +00:00
isofs/cd9660 remove check now done in vn_isdisk(). 2000-01-10 12:24:36 +00:00
kern Fixed sign and overflow bugs that caused the allocation size of the kernel 2000-01-28 04:04:58 +00:00
libkern Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 05:07:58 +00:00
miscfs Fix bde'isms in acl/extattr syscall interface, renaming syscalls to 2000-01-19 06:07:34 +00:00
modules Move if_tun back to the common section now that it works on the Alpha. 2000-01-27 13:42:42 +00:00
msdosfs Supported non-512 bytes/sector format. 2000-01-27 14:43:07 +00:00
net Redo the intrq.c idea as 2000-01-27 23:37:39 +00:00
netatalk Move the *intrq variables into net/intrq.c and unconditionally 2000-01-24 20:39:02 +00:00
netatm Move the *intrq variables into net/intrq.c and unconditionally 2000-01-24 20:39:02 +00:00
netgraph Add control message ASCII conversion for this node type. 2000-01-27 01:32:53 +00:00
netinet Mitigate the stream.c attacks 2000-01-28 06:13:09 +00:00
netinet6 Sorry I didn't commit these files at the commit just a few minutes before. 2000-01-28 05:27:14 +00:00
netipx Move the *intrq variables into net/intrq.c and unconditionally 2000-01-24 20:39:02 +00:00
netkey comment the string after #endif 2000-01-15 05:15:06 +00:00
netnatm Move the *intrq variables into net/intrq.c and unconditionally 2000-01-24 20:39:02 +00:00
netncp Forward declare some structs so that this header is more self-suifficent. 2000-01-14 19:54:42 +00:00
netns Move the *intrq variables into net/intrq.c and unconditionally 2000-01-24 20:39:02 +00:00
nfs Fix catastrophic bug in NQNFS related to UDP mounts. The 'nqhost' 2000-01-26 20:51:29 +00:00
nfsclient The alpha build cuases the 'nfsuid bloated' warning to occur. Well, 2000-01-13 20:18:25 +00:00
nfsserver The alpha build cuases the 'nfsuid bloated' warning to occur. Well, 2000-01-13 20:18:25 +00:00
ntfs Forward declare some structs so that this header is more self-suifficent. 2000-01-14 19:54:42 +00:00
nwfs Check if module was compiled without SMP support and running on 2000-01-15 08:35:48 +00:00
pc98 Merge from sys/i386/conf/GENERIC revision 1.231, 1.232 and 1.235. 2000-01-28 01:07:48 +00:00
pccard Propagate MAC address in CIS tupple to dev/ed/ driver. 2000-01-21 03:08:46 +00:00
pci Add more PCI VGA graphics card descriptions. 2000-01-27 12:02:06 +00:00
posix4 Track libc_r addition of semaphores implementation. 2000-01-20 07:55:42 +00:00
powerpc The kernel side of per-process unaligned access control (printing, fixing & 2000-01-16 07:07:33 +00:00
rpc $Id$ -> $FreeBSD$ 1999-08-27 23:45:13 +00:00
svr4 Fix handling of svr4_sigsets, which are implemented in SysVR4 as a sequence 2000-01-15 15:38:17 +00:00
sys Bump __FreeBSD_version and __FreeBSD_cc_version due to the C++ ABI change 2000-01-27 23:12:38 +00:00
tools Use a seperate -c and -h mode. The vnode_if.c file is compiled only into 1999-12-12 16:43:05 +00:00
ufs During fastpath processing for removal of a short-lived inode, the 2000-01-18 01:33:05 +00:00
vm The swapdev_vp changes made to rip out the swap specfs interaction 2000-01-25 17:49:12 +00:00
Makefile ${MACHINE} -> ${MACHINE_ARCH} 1999-11-14 13:54:44 +00:00