Re: 2.6.24-rc6-mm1 - oddness with IPv4/v6 mapped sockets hanging...

[Valdis . Kletnieks]

On Mon, 14 Jan 2008 14:07:46 EST, Paul Moore said:
> There have been quite a few changes in lblnet-2.6_testing since 2.6.24-rc6-mm1 
> so I would recommend taking the whole tree.  I'm also not quite sure if

Weird.  I did a 'git clone git://git.infradead.org/users/pcmoore/lblnet-2.6_testing'
into a new directory this morning, and doing a 'git log' against that only
showed the one added commit:

commit 5d95575903fd3865b884952bd93c339d48725c33
Author: Paul Moore <paul.moore@xxxxxx>
Date:   Wed Jan 9 15:30:23 2008 -0500

    SELinux: Add warning messages on network denial due to error
    
    Currently network traffic can be sliently dropped due to non-avc errors which
    can lead to much confusion when trying to debug the problem.  This patch adds
    warning messages so that when these events occur there is a user visible
    notification.
    
    Signed-off-by: Paul Moore <paul.moore@xxxxxx>

commit 9259ca5fd8b9fbdd2c3edade593dead905d8391e
Author: Paul Moore <paul.moore@xxxxxx>
Date:   Wed Jan 9 15:30:23 2008 -0500

    SELinux: Add network ingress and egress control permission checks
(already in 24-rc6-mm1).

Somebody please tell me it's my git-idiocy..

> simply reverting the "Convert the netif code to use ifindex values" patch 
> would solve the problem as there are other patches in the rc6-mm1 tree that 
> rely on skb->iif being valid (new code, not converted code).

That would explain why I'm still seeing issues..

>  If you want to 
> stick with a _relatively_ vanilla rc6-mm1 tree I would leave everything in 
> and simply apply the following patch which solved the skb_clone()/iif 
> problem:
> 
> http://git.infradead.org/?p=users/pcmoore/lblnet-2.6_testing;a=commitdiff;h=02f1c89d6e36507476f78108a3dcc78538be460b

OK, I'll go look at that..

Attachment: pgp00000.pgp
Description: PGP signature