[Top] [All Lists]

Re: take 2 WAS(Re: PATCH: IPSEC xfrm events

To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Subject: Re: take 2 WAS(Re: PATCH: IPSEC xfrm events
From: jamal <hadi@xxxxxxxxxx>
Date: 03 Apr 2005 21:58:31 -0400
Cc: Patrick McHardy <kaber@xxxxxxxxx>, Masahide NAKAMURA <nakam@xxxxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, netdev <netdev@xxxxxxxxxxx>
In-reply-to: <>
Organization: jamalopolous
References: <> <1112353398.1096.116.camel@jzny.localdomain> <> <1112358278.1096.160.camel@jzny.localdomain> <> <1112403845.1088.14.camel@jzny.localdomain> <> <1112406164.1088.54.camel@jzny.localdomain> <> <1112469601.1088.173.camel@jzny.localdomain> <>
Reply-to: hadi@xxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
On Sun, 2005-04-03 at 21:01, Herbert Xu wrote:
> On Sat, Apr 02, 2005 at 02:20:01PM -0500, jamal wrote:
> > 
> > 1) Weve discussed this before Herbert and i think you misspoke that
> > pfkey delivers to all listerners.
> > 
> > pfkey Add/del/upd now really do tell all processes about what happened.
> > Before pfkey would skip the originating process. So far this doesnt seem
> > to be an issue in the basic testing.
> Are you sure? Previously they did BROADCAST_ALL which goes to everyone
> including the sender.

Yes, he key is in the sk parameter to the broadcast. if a NULL is passed
then all listeners are told. Else the passed sk is excluded.

> > 2) I ended adding a policy_notify to the pfkey manager to make the code
> > generic. Interesting thing is i dont think pfkey knows what to do with 
> > policy expiration or i am misreading the code.
> That's right, pfkey never had policy expire messages.  In general,
> anything to do with policies cannot be done portably in pfkey since
> the RFC only specified the SA operations.

Well, hopefully whoever defined that pfkey carries policies as well will
have to worry about this in the future. I will just leave teh hook but
remove the printk.


<Prev in Thread] Current Thread [Next in Thread>