Re: [Ipsec] Issue on input process of Linux native IPsec

[Dave Dillow]

On Thu, 2005-03-10 at 02:37 -0800, Park Lee wrote:
> On Fri, 24 Dec 2004 at 16:15, David Dillow wrote:
> > xfrm_lookup() is only called for outgoing packets, 
> > not for received packets.  I don't think ping 
> > replies (ICMP echo replies) will ever have a non-
> > NULL sk, as they are not associated with a socket.

> Then, Why did you say that ping replies (ICMP echo
> replies) were not associated with a socket? 

Because your crashes where caused by blindly assuming the sk would never
be NULL in xfrm_lookup(), and it clearly was. The simple debugging
printk() I suggested you insert with your code would have shown you that
that was the reason for your crashes.

And if I was feeling nice that day, which is possible, since it was
Christmas Eve, I may have even put the printk() in myself and tested.

> Is there any difference between the special purpose
> socket and the socket you mentioned above?

I have no idea. You have the code, and probably as much understanding of
the networking stack as I do. I suggest you use find and grep to track
down the what you are interested in, and how xfrm_lookup() is called in
various situations. Take good notes, especially about avenues of
exploration that come time mind as you chase one code path. It's not
very hard, it's how I learned.
-- 
Dave Dillow <dave@xxxxxxxxxxxxxx>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/