| To: | "YOSHIFUJI Hideaki / ?$B5HF#1QL@" <yoshfuji@xxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [XFRM] Call dst_check() with appropriate cookie |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Tue, 24 May 2005 22:54:08 +1000 |
| Cc: | kazunori@xxxxxxxxxxxx, davem@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <20050524.174234.00553944.yoshfuji@linux-ipv6.org> |
| References: | <E1DaTeW-00085B-00@gondolin.me.apana.org.au> <4292E53D.7030805@miyazawa.org> <20050524.174234.00553944.yoshfuji@linux-ipv6.org> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.5.9i |
On Tue, May 24, 2005 at 05:42:34PM +0900, YOSHIFUJI Hideaki / ?$B5HF#1QL@ wrote: > > Probably, it should be better to introduce some upper limit of number of > recreation. Yep, that's why a simple packet blackhole bug became a kernel hang. In fact, we don't need to retry at all. If the policy goes dead on us or if the route becomes invalid after we passed the check in xfrm_lookup, the packet is dropped anyway. There is no point in retrying the lookup here since that only covers the cases where we detect the problem before the bundle is inserted into the list. So we should simply return an error instead of retrying. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [XFRM] Call dst_check() with appropriate cookie, Herbert Xu |
|---|---|
| Next by Date: | [0/5] Improvements to the ieee80211 layer, Jiri Benc |
| Previous by Thread: | Re: [XFRM] Call dst_check() with appropriate cookie, Herbert Xu |
| Next by Thread: | Re: [XFRM] Call dst_check() with appropriate cookie, Herbert Xu |
| Indexes: | [Date] [Thread] [Top] [All Lists] |