tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: IPsec: stack problems

On Thu, Mar 01, 2018 at 10:25:54AM +0100, Maxime Villard wrote:
> In fact, the crypto code was written with the assumption that when
> crypto_dispatch returns, there is no further crypto processing.
> If the packet is repushed, this assumption does not hold anymore, and I'm not
> sure whether it wouldn't break things.
> But otherwise yes, it would be nice to repush the packet.

I don't understand that. The lower layers already expect the decrypted
data, so crypto processing has to be done at this point anyway?


Home | Main Index | Thread Index | Old Index