Subject: Re: kern/25368: crash after SADB_X_SPDFLUSH
To: None <yamt@mwd.biglobe.ne.jp>
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
List: tech-net
Date: 05/14/2004 23:41:39
> > >	per-pcb policies should not be manipulated via PF_KEY.
> > 
> > 	oops, read access (via dump/whatever) is ok.
> > 
> > itojun
> 
> do you mean spddump should dump per-pcb ones as well?

	we currently do show them via "setkey -DP".  not sure it is right
	or not.  but anyways, read access based on spid is necessary for
	racoon to find and negotiate SAs for per-socket policy.

itojun