[RFC PATCH] xfrm: fix regression introduced by xdst pcpu cache
Florian Westphal
fw at strlen.de
Tue Oct 31 14:15:20 UTC 2017
Stephen Smalley <sds at tycho.nsa.gov> wrote:
> It is a regression; the correct SA was being used prior to the xdst
> pcpu cache commit.
I don't doubt that at all. I would like to understand why the flow
cache did not have this problem.
> easily run on a Fedora VM,
> git clone https://github.com/SELinuxProject/selinux-testsuite/
> sudo dnf install perl-Test perl-Test-Harness perl-Test-Simple selinux-policy-devel gcc libselinux-devel net-tools netlabel_tools iptables
> sudo make -C policy load
> cd tests/inet_socket
> while sudo ./test; do : ; done
Thanks, I'll have a look.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list