From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman) Date: Mon, 06 Aug 2012 12:50:46 -0700 > Vlad Yasevich <vyasevich@xxxxxxxxx> writes: > > >> Hi Eric >> >> Associations are looked up by ports, but then verifyed by addresses. >> Also, associations belong to sockets and simply validating the socket >> namespace should be sufficient. > > True. Your set of patches isn't quite as likely to malfunction as it > looked at first glance. It requires address reuse which happens accross > namespaces but not too frequently. > > As for validating the socket namespace I agree that is the fix and my > patchset winds up doing it. FWIW I much prefer Eric's patch set, it was so significantly easier to read and validate than Jan's. -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
