summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorDavid S. Miller <davem@sunset.davemloft.net>2006-10-03 16:00:26 -0700
committerDavid S. Miller <davem@sunset.davemloft.net>2006-10-04 00:31:02 -0700
commitae8c05779ac2f286b872db9ebea0c3c0a031ad1e (patch)
treeaf273537fa57c67b706b41544bb22bba1dfb9374 /net
parent667bbcb6c099d1b74f95c6963ddf37a32e7afc29 (diff)
downloadkernel-crypto-ae8c05779ac2f286b872db9ebea0c3c0a031ad1e.tar.gz
kernel-crypto-ae8c05779ac2f286b872db9ebea0c3c0a031ad1e.tar.xz
kernel-crypto-ae8c05779ac2f286b872db9ebea0c3c0a031ad1e.zip
[XFRM]: Clearing xfrm_policy_count[] to zero during flush is incorrect.
When we flush policies, we do a type match so we might not actually delete all policies matching a certain direction. So keep track of how many policies we actually kill and subtract that number from xfrm_policy_count[dir] at the end. Based upon a patch by Masahide NAKAMURA. Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/xfrm/xfrm_policy.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index b6e2e79d726..2a7861661f1 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -778,8 +778,9 @@ void xfrm_policy_flush(u8 type)
for (dir = 0; dir < XFRM_POLICY_MAX; dir++) {
struct xfrm_policy *pol;
struct hlist_node *entry;
- int i;
+ int i, killed;
+ killed = 0;
again1:
hlist_for_each_entry(pol, entry,
&xfrm_policy_inexact[dir], bydst) {
@@ -790,6 +791,7 @@ void xfrm_policy_flush(u8 type)
write_unlock_bh(&xfrm_policy_lock);
xfrm_policy_kill(pol);
+ killed++;
write_lock_bh(&xfrm_policy_lock);
goto again1;
@@ -807,13 +809,14 @@ void xfrm_policy_flush(u8 type)
write_unlock_bh(&xfrm_policy_lock);
xfrm_policy_kill(pol);
+ killed++;
write_lock_bh(&xfrm_policy_lock);
goto again2;
}
}
- xfrm_policy_count[dir] = 0;
+ xfrm_policy_count[dir] -= killed;
}
atomic_inc(&flow_cache_genid);
write_unlock_bh(&xfrm_policy_lock);