From: "David S. Miller" <[EMAIL PROTECTED]>
Date: Sun, 18 Dec 2005 13:20:19 -0800 (PST)
> From: Krzysztof Oledzki <[EMAIL PROTECTED]>
> Date: Sun, 18 Dec 2005 17:49:50 +0100 (CET)
>
> > At 17:31:26 kernel executed the one from xfrm_state_add() (Ole #2) but it
> > didn't help. :(
>
> Thanks for testing, I'll try to figure out what might be going
> on.
Ok, xfrm_flush_bundles() isn't pruning the bundles because they
still look valid.
We fix this by adding a xfrm_flush_all_bundles() that doesn't
do the validity check and simply flushes everything.
Please give this new version of the patch a try, thanks.
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 5beae1c..24ff8d2 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -890,6 +890,7 @@ struct xfrm_state * xfrm_find_acq(u8 mod
extern void xfrm_policy_flush(void);
extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy
*pol);
extern int xfrm_flush_bundles(void);
+extern int xfrm_flush_all_bundles(void);
extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family);
extern void xfrm_init_pmtu(struct dst_entry *dst);
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 0db9e57..b09c8ae 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1104,6 +1104,17 @@ int xfrm_flush_bundles(void)
return 0;
}
+static int all_bundle(struct dst_entry *dst)
+{
+ return 1;
+}
+
+int xfrm_flush_all_bundles(void)
+{
+ xfrm_prune_bundles(all_bundle);
+ return 0;
+}
+
void xfrm_init_pmtu(struct dst_entry *dst)
{
do {
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 7cf48aa..11fe41c 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -49,6 +49,7 @@ static struct list_head xfrm_state_gc_li
static DEFINE_SPINLOCK(xfrm_state_gc_lock);
static int xfrm_state_gc_flush_bundles;
+static int xfrm_state_gc_flush_all_bundles;
static int __xfrm_state_delete(struct xfrm_state *x);
@@ -84,6 +85,11 @@ static void xfrm_state_gc_task(void *dat
xfrm_flush_bundles();
}
+ if (xfrm_state_gc_flush_all_bundles) {
+ xfrm_state_gc_flush_all_bundles = 0;
+ xfrm_flush_all_bundles();
+ }
+
spin_lock_bh(&xfrm_state_gc_lock);
list_splice_init(&xfrm_state_gc_list, &gc_list);
spin_unlock_bh(&xfrm_state_gc_lock);
@@ -431,6 +437,9 @@ void xfrm_state_insert(struct xfrm_state
spin_lock_bh(&xfrm_state_lock);
__xfrm_state_insert(x);
spin_unlock_bh(&xfrm_state_lock);
+
+ xfrm_state_gc_flush_all_bundles = 1;
+ schedule_work(&xfrm_state_gc_work);
}
EXPORT_SYMBOL(xfrm_state_insert);
@@ -478,6 +487,11 @@ out:
spin_unlock_bh(&xfrm_state_lock);
xfrm_state_put_afinfo(afinfo);
+ if (err == 0) {
+ xfrm_state_gc_flush_all_bundles = 1;
+ schedule_work(&xfrm_state_gc_work);
+ }
+
if (x1) {
xfrm_state_delete(x1);
xfrm_state_put(x1);
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
