On Fri, Jul 14, 2006 at 09:54:59AM -0400, James Morris wrote:
>
> Herbert, any review from you on this would be greatly appreciated.
Looks good to me.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~he
On Fri, Jul 14, 2006 at 09:54:59AM -0400, James Morris wrote:
>
> Herbert, any review from you on this would be greatly appreciated.
OK, I'll try to have a look tomorrow (I'm GMT-4 at the moment).
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECT
On Thu, 13 Jul 2006, David Miller wrote:
> The other changes I'm either OK with, or they are outside my scope of
> knowledge (the stuff that lives inside of SELINUX).
The security side of things looks ok to me.
Herbert, any review from you on this would be greatly appreciated.
- James
--
Jame
From: Venkat Yekkirala <[EMAIL PROTECTED]>
Date: Wed, 12 Jul 2006 16:14:42 -0500
> This labels the flows that could utilize IPSec xfrms at the points they
> are defined so that IPSec policy and SAs at the right label can be used.
>
> The following protos are currently not handled, but they should
On Wed, 12 Jul 2006, Venkat Yekkirala wrote:
> This labels the flows that could utilize IPSec xfrms at the points they
> are defined so that IPSec policy and SAs at the right label can be used.
>
> The following protos are currently not handled, but they should continue
> to be able to use single
On Wed, 12 Jul 2006, Venkat Yekkirala wrote:
> +static inline void security_xfrm_skb_secid(struct sk_buff *skb, u32 *secid)
> {
> - return security_ops->xfrm_decode_session(skb, fl);
> + BUG_ON(security_ops->xfrm_decode_session(skb, secid, 0));
>
BUG_ON looks wrong here, in that you don'
