| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Feb 2010 13:42:17 -0800 (PST) From: David Miller <davem@...emloft.net> To: adobriyan@...il.com Cc: hadi@...erus.ca, netdev@...r.kernel.org Subject: Re: regression due to "flush SAD/SPD generate false events" From: Alexey Dobriyan <adobriyan@...il.com> Date: Wed, 17 Feb 2010 21:17:19 +0200 > commit 19f4c7133fc1b94001b997c4843d0a9192ee63e5 > xfrm: Flushing empty SAD generates false events > > commit 0dca3a843632c2fbb6e358734fb08fc23e800f50 > xfrm: Flushing empty SPD generates false events > > setkey now takes several seconds to run this simple script > and it spits "recv: Resource temporarily unavailable" messages. > > #!/usr/sbin/setkey -f > flush; > spdflush; > > add A B ipcomp 44 -m tunnel -C deflate; > add B A ipcomp 45 -m tunnel -C deflate; > > spdadd A B any -P in ipsec > ipcomp/tunnel/192.168.1.2-192.168.1.3/use; > spdadd B A any -P out ipsec > ipcomp/tunnel/192.168.1.3-192.168.1.2/use; Thanks for the report Alexey. I'll revert these changes for now. Jamal, if you can find a way to do this without breaking existing applications feel free to send a new version of these patches. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists