| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4C2EE089.6040604@strongswan.org> Date: Sat, 03 Jul 2010 09:02:33 +0200 From: Andreas Steffen <andreas.steffen@...ongswan.org> To: Peter Kosyh <p.kosyh@...il.com> CC: Eric Dumazet <eric.dumazet@...il.com>, netdev@...r.kernel.org Subject: Re: [PATCHv2] xfrm: fix xfrm by MARK logic Great, this was the second bug [besides the xfrm_mark_get issue] I was looking for this week and which prevented strongSwan from successfully using mark-based IPsec policies. It works like a charm now. Thanks! On 07/03/2010 08:38 AM, Eric Dumazet wrote: > Le vendredi 02 juillet 2010 à 21:47 +0400, Peter Kosyh a écrit : >> From: Peter Kosyh <p.kosyh@...il.com> >> >> While using xfrm by MARK feature in >> 2.6.34 - 2.6.35 kernels, the mark >> is always cleared in flowi structure via memset in >> _decode_session4 (net/ipv4/xfrm4_policy.c), so >> the policy lookup fails. >> IPv6 code is affected by this bug too. >> >> Signed-off-by: Peter Kosyh <p.kosyh@...il.com> >> --- >> > > Acked-by: Eric Dumazet <eric.dumazet@...il.com> > > Thanks ! -- ====================================================================== Andreas Steffen andreas.steffen@...ongswan.org strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists