/[linux-patches]/genpatches-2.6/trunk/2.6.14/1170_5_xfrm-sa-switchover.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.14/1170_5_xfrm-sa-switchover.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 292 - (show annotations) (download) (as text)
Tue Jan 31 21:50:53 2006 UTC (14 years, 9 months ago) by johnm
File MIME type: text/x-diff
File size: 2369 byte(s)
Large update - thanks goes to Kerin Millar for the legwork.
1 From: David S. Miller <davem@davemloft.net>
2 Date: Tue, 20 Dec 2005 01:03:02 +0000 (-0800)
3 Subject: [PATCH] Perform SA switchover immediately.
4 X-Git-Url: http://kernel.org/git/?p=linux/kernel/git/gregkh/linux-2.6.14.y.git;a=commitdiff;h=5bc50c7bd333ab656acc16c1539c29d3d9a65600
5
6 [PATCH] Perform SA switchover immediately.
7
8 When we insert a new xfrm_state which potentially
9 subsumes an existing one, make sure all cached
10 bundles are flushed so that the new SA is used
11 immediately.
12
13 Signed-off-by: David S. Miller <davem@davemloft.net>
14 Signed-off-by: Chris Wright <chrisw@redhat.com>
15 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
16 ---
17
18 --- a/include/net/xfrm.h
19 +++ b/include/net/xfrm.h
20 @@ -890,6 +890,7 @@ struct xfrm_state * xfrm_find_acq(u8 mod
21 extern void xfrm_policy_flush(void);
22 extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
23 extern int xfrm_flush_bundles(void);
24 +extern void xfrm_flush_all_bundles(void);
25 extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family);
26 extern void xfrm_init_pmtu(struct dst_entry *dst);
27
28 --- a/net/xfrm/xfrm_policy.c
29 +++ b/net/xfrm/xfrm_policy.c
30 @@ -1014,13 +1014,12 @@ int __xfrm_route_forward(struct sk_buff
31 }
32 EXPORT_SYMBOL(__xfrm_route_forward);
33
34 -/* Optimize later using cookies and generation ids. */
35 -
36 static struct dst_entry *xfrm_dst_check(struct dst_entry *dst, u32 cookie)
37 {
38 - if (!stale_bundle(dst))
39 - return dst;
40 -
41 + /* If it is marked obsolete, which is how we even get here,
42 + * then we have purged it from the policy bundle list and we
43 + * did that for a good reason.
44 + */
45 return NULL;
46 }
47
48 @@ -1104,6 +1103,16 @@ int xfrm_flush_bundles(void)
49 return 0;
50 }
51
52 +static int always_true(struct dst_entry *dst)
53 +{
54 + return 1;
55 +}
56 +
57 +void xfrm_flush_all_bundles(void)
58 +{
59 + xfrm_prune_bundles(always_true);
60 +}
61 +
62 void xfrm_init_pmtu(struct dst_entry *dst)
63 {
64 do {
65 --- a/net/xfrm/xfrm_state.c
66 +++ b/net/xfrm/xfrm_state.c
67 @@ -435,6 +435,8 @@ void xfrm_state_insert(struct xfrm_state
68 spin_lock_bh(&xfrm_state_lock);
69 __xfrm_state_insert(x);
70 spin_unlock_bh(&xfrm_state_lock);
71 +
72 + xfrm_flush_all_bundles();
73 }
74 EXPORT_SYMBOL(xfrm_state_insert);
75
76 @@ -482,6 +484,9 @@ out:
77 spin_unlock_bh(&xfrm_state_lock);
78 xfrm_state_put_afinfo(afinfo);
79
80 + if (!err)
81 + xfrm_flush_all_bundles();
82 +
83 if (x1) {
84 xfrm_state_delete(x1);
85 xfrm_state_put(x1);

  ViewVC Help
Powered by ViewVC 1.1.20