tech-net: Re: kern/25368: crash after SADB_X

Subject: Re: kern/25368: crash after SADB_X_SPDFLUSH
To: None <yamt@mwd.biglobe.ne.jp>
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
List: tech-net
Date: 05/15/2004 22:00:19

> > > > >	per-pcb policies should not be manipulated via PF_KEY.
> > > > 
> > > > 	oops, read access (via dump/whatever) is ok.
> > > > 
> > > > itojun
> > > 
> > > do you mean spddump should dump per-pcb ones as well?
> > 
> > 	we currently do show them via "setkey -DP".
> 
> no, we don't.
> spddump dumps policies on sptree (ie. only spd ones) while spdflush
> flushes ones on sptailq (ie. both of spd and pcb ones).

	which tree are you looking at?  this is on 2.0E and i see number of
	stuff like below.

itojun


# setkey -DP
(no selector, probably per-socket policy) 
	out bypass
	created:                       lastused:                     
	lifetime: 0(s) validtime: 0(s)
	spid=16418 seq=0 pid=0
	refcnt=3