Subject: Re: Problems with PF_KEY SADB_DUMP
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: Matt Thomas <matt@3am-software.com>
List: tech-net
Date: 09/19/2003 15:51:45
On Friday, September 19, 2003, at 03:46 PM, Jonathan Stone wrote:
>
> Here's a summary of the current status on PF_KEY problems with
> SADB_DUMP of modest-to-large SA database (at least as I see it):
>
>
> * There is a consensus that NetBSD needs a correct, reliable, robust
> interface to PF_KEY; and that a kernfs-based approach (as kernfs
> is strictly optional in NetBSD) is by definition not a suitable API.
> (Bill Studenmund disagrees; Bill would like to make kernfs more
> standard. Bill has been heard, but for now that's a different issue).
>
> * The PF_KEY API defines the SADB_DUMP so that the app sends one
> SADB_DUMP message, to which the kernel responds with multiple
> SADB_DUMP responses. Each response has one SA. Thus, SADB_DUMP cannot
> be reworked to use Matt Thomas's suggestion (do the uiomove() directly)
> without changing the userspace API.
Not true. You just need to keep more state in the pcb to track this.
--
Matt Thomas               email: matt@3am-software.com
3am Software Foundry      www: http://3am-software.com/bio/matt/
Cupertino, CA             disclaimer: I avow all knowledge of this message.