| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Jan 2010 10:24:18 -0500 From: Vlad Yasevich <vladislav.yasevich@...com> To: David Miller <davem@...emloft.net> CC: nicolas.dichtel@....6wind.com, netdev@...r.kernel.org, linux-sctp@...r.kernel.org Subject: Re: [PATCH] sctp: IPsec rules are ineffective with ipv6 David Miller wrote: > From: Nicolas Dichtel <nicolas.dichtel@....6wind.com> > Date: Wed, 27 Jan 2010 15:12:59 +0100 > >> xfrm_lookup() is missing in sctp_v6_xmit(), add it. >> >> Signed-off-by: Junwei Zhang <junwei.zhang@...nd.com> >> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com> > > Doing this every transmit packet is overkill. > > Whatever calculates the route that ends up in skb_dst(skb) > should be making this xfrm_lookup() call, not here. > Hmm.. Interesting. Looks like ip_route_output_key() will do xfrm_lookup for you, but there is no ipv6 route lookup call that will do the same thing. I guess we'll need to add an xfrm_lookup call in sctp_v6_get_dst(). -vlad -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists