lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 03 Jul 2010 09:02:33 +0200
From:	Andreas Steffen <>
To:	Peter Kosyh <>
CC:	Eric Dumazet <>,
Subject: Re: [PATCHv2] xfrm: fix xfrm by MARK logic


this was the second bug [besides the xfrm_mark_get issue] I was looking
for this week and which prevented strongSwan from successfully using
mark-based IPsec policies. It works like a charm now.


On 07/03/2010 08:38 AM, Eric Dumazet wrote:
> Le vendredi 02 juillet 2010 à 21:47 +0400, Peter Kosyh a écrit :
>> From: Peter Kosyh <>
>> While using xfrm by MARK feature in
>> 2.6.34 - 2.6.35 kernels, the mark 
>> is always cleared in flowi structure via memset in 
>> _decode_session4 (net/ipv4/xfrm4_policy.c), so
>> the policy lookup fails.
>> IPv6 code is affected by this bug too.
>> Signed-off-by: Peter Kosyh <>
>> ---
> Acked-by: Eric Dumazet <>
> Thanks !

Andreas Steffen               
strongSwan - the Linux VPN Solution!      
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists