netdev
[Top] [All Lists]

Re: [PATCH 2.6]: keep fragment queues private to each user

To: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [PATCH 2.6]: keep fragment queues private to each user
From: Patrick McHardy <kaber@xxxxxxxxx>
Date: Tue, 25 Jan 2005 15:41:04 +0100
Cc: davem@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <E1CtPJf-0005RG-00@xxxxxxxxxxxxxxxxxxxxxxxx>
References: <E1CtPJf-0005RG-00@xxxxxxxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.5) Gecko/20050106 Debian/1.7.5-1
Herbert Xu wrote:

However, I think this is still not enough.  What about fragments
that come from different interfaces? Fragments with different
security paths?

Fragments with different security paths are indeed a problem, I
already tried fixing them by keeping the secpaths of all fragments
on a list in the head secpath and changing __xfrm_policy_check to
deal with them, but it is pretty tricky to get right. For different
interfaces: I'm not exactly sure where this is a problem, except
that any classification will only look at the head fragment interface.

Regards
Patrick


<Prev in Thread] Current Thread [Next in Thread>