On Fri, May 8, 2009 at 2:18 AM, YAMAMOTO Takashi <y...@mwd.biglobe.ne.jp> wrote: > hi, > > have you checked callers and ensure that the change from EACCES to EPERM > won't be a problem?
Only ipsec_set_policy() returns EPERM instead of EACCES now, and I don't think it should be a problem. As for calling context -- I did look at the callers and mostly I just moved the call inside instead of at the top. That's also why I didn't remove the last one in in6.c, where is obvious that it's done before splnet(), and still need to take care of it. :) It's possible though that I've missed something. Do you see any problems? Thanks, -e.
