k, bits outside the
mask of a given SA mark will be ignored, and the match
will succeed.
This patch does not make any changes to the 'data'
path, so SAs with such oddly-defined marks will still
be unmatch-able.
Signed-off-by: Nathan Harold
---
n
) allocation of a SPI
2) algorithm and key negotiation
3) insertion into the data path
Signed-off-by: Nathan Harold
---
net/xfrm/xfrm_state.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 27c84e63c7ff..c4c563d9be47 100644
is settled,
I plan to upload a patch to update the xfrm_if_id, which I planned to
nestle in to this same logic (and with similar, albeit possibly
more-straightforward rationale).
-Nathan
On Mon, Jul 2, 2018 at 10:14 PM, Eyal Birger wrote:
> Hi Nathan,
>
> On Fri, 29 Jun 2018 15:07
r.
Signed-off-by: Nathan Harold
Change-Id: Ia05c6733a94c1901cd1e54eb7c7e237704678d71
---
net/xfrm/xfrm_state.c | 9 +
1 file changed, 9 insertions(+)
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index e04a510ec992..c9ffcdfa89f6 100644
--- a/net/xfrm/xfrm_state.c
+++
nvoking 'ip xfrm monitor' with no argument, can
be called consistent with the syntax for other ip
commands that accept an 'all'.
Signed-off-by: Nathan Harold
---
ip/xfrm_monitor.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ip/xfrm_monitor.c b/ip/
ot;unused" state while the SA remains ACTIVE, so I think simpler is
better (same reasoning applied to the current change).
-Nathan
On Wed, May 9, 2018 at 10:44 PM, Eyal Birger wrote:
> Hi Nathan,
>
> On Wed, 9 May 2018 13:46:26 -0700
> Nathan Harold wrote:
>
>> Allow UP
clobbered.
The per-SA lock and the xfrm_state_lock are taken in
that order to avoid a deadlock with
xfrm_timer_handler(), which also takes the locks in
that order.
Signed-off-by: Nathan Harold
Change-Id: Ia05c6733a94c1901cd1e54eb7c7e237704678d71
---
net/xfrm/xfrm_state.c | 7 +++
1 file
