Zbr's days.

Zbr's days.

/(1648)

devel(941)

acrypto(35)

hifn(12)

arm(1)

captcha(9)

dst(102)

eventfs(3)

flat(63)

fs(170)

kevent(110)

aio(7)

math(17)

bezier(3)

codes(5)

hash(8)

networking(200)

dns(13)

ipw2100(3)

nta(27)

unetstack(5)

zcs(7)

other(178)

sh(17)

sky(2)

threading(25)

life(317)

music(1)

photo(1)

other(96)

About :: TODO :: Blog :: RSS :: Old blog :: Projects :: GIT :: Gallery :: Notes

Thu, 06 Apr 2006

Acrypto hacking.

Fixed bug in tunnel mode ESP processing. I'm currently trying to sync asynchronous IPsec processing with 2.6.16 tree, which is quite challenging, since XFRM engine was changed a lot since 2.6.15 time.

There is a problem with asynchronous input IPsec processing in 2.6.16.
Linux had stackable dst entry processing for input and output, which was very convenient to use with dst_input()/dst_output(). Now it is gone.
Output processing of the dst stack was moved into XFRM engine from generic dst_output(), since there is only one in-kernel user. And it is XFRM. So currently asynchronous IPsec processing is not possible with 2.6.16 until some other stackable technique will be reinvented, like it is done for asynchronous IPsec input processing.

:: Link / Comments ()