aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid S. Miller <davem@sunset.davemloft.net>2006-08-24 06:30:28 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 18:08:46 -0400
commit1c0953997567b22e32fdf85d3b4bc0f2461fd161 (patch)
tree5e4d691503d911f2134734e345ae0d7f01b97e4e
parentc7f5ea3a4d1ae6b3b426e113358fdc57494bc754 (diff)
[XFRM]: Purge dst references to deleted SAs passively.
Just let GC and other normal mechanisms take care of getting rid of DST cache references to deleted xfrm_state objects instead of walking all the policy bundles. Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/net/xfrm.h1
-rw-r--r--net/xfrm/xfrm_policy.c2
-rw-r--r--net/xfrm/xfrm_state.c17
3 files changed, 1 insertions, 19 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index a620a43c9eeb..c7870b6eae01 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -995,7 +995,6 @@ struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
995 int create, unsigned short family); 995 int create, unsigned short family);
996extern void xfrm_policy_flush(u8 type); 996extern void xfrm_policy_flush(u8 type);
997extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol); 997extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
998extern int xfrm_flush_bundles(void);
999extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family, int strict); 998extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family, int strict);
1000extern void xfrm_init_pmtu(struct dst_entry *dst); 999extern void xfrm_init_pmtu(struct dst_entry *dst);
1001 1000
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index cfa5c692f2e8..1bcaae4adf3a 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1472,7 +1472,7 @@ static void __xfrm_garbage_collect(void)
1472 xfrm_prune_bundles(unused_bundle); 1472 xfrm_prune_bundles(unused_bundle);
1473} 1473}
1474 1474
1475int xfrm_flush_bundles(void) 1475static int xfrm_flush_bundles(void)
1476{ 1476{
1477 xfrm_prune_bundles(stale_bundle); 1477 xfrm_prune_bundles(stale_bundle);
1478 return 0; 1478 return 0;
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 77ef796c9d0d..9ff00b7d6ad3 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -256,8 +256,6 @@ static struct work_struct xfrm_state_gc_work;
256static HLIST_HEAD(xfrm_state_gc_list); 256static HLIST_HEAD(xfrm_state_gc_list);
257static DEFINE_SPINLOCK(xfrm_state_gc_lock); 257static DEFINE_SPINLOCK(xfrm_state_gc_lock);
258 258
259static int xfrm_state_gc_flush_bundles;
260
261int __xfrm_state_delete(struct xfrm_state *x); 259int __xfrm_state_delete(struct xfrm_state *x);
262 260
263static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family); 261static struct xfrm_state_afinfo *xfrm_state_get_afinfo(unsigned short family);
@@ -293,11 +291,6 @@ static void xfrm_state_gc_task(void *data)
293 struct hlist_node *entry, *tmp; 291 struct hlist_node *entry, *tmp;
294 struct hlist_head gc_list; 292 struct hlist_head gc_list;
295 293
296 if (xfrm_state_gc_flush_bundles) {
297 xfrm_state_gc_flush_bundles = 0;
298 xfrm_flush_bundles();
299 }
300
301 spin_lock_bh(&xfrm_state_gc_lock); 294 spin_lock_bh(&xfrm_state_gc_lock);
302 gc_list.first = xfrm_state_gc_list.first; 295 gc_list.first = xfrm_state_gc_list.first;
303 INIT_HLIST_HEAD(&xfrm_state_gc_list); 296 INIT_HLIST_HEAD(&xfrm_state_gc_list);
@@ -454,16 +447,6 @@ int __xfrm_state_delete(struct xfrm_state *x)
454 if (del_timer(&x->rtimer)) 447 if (del_timer(&x->rtimer))
455 __xfrm_state_put(x); 448 __xfrm_state_put(x);
456 449
457 /* The number two in this test is the reference
458 * mentioned in the comment below plus the reference
459 * our caller holds. A larger value means that
460 * there are DSTs attached to this xfrm_state.
461 */
462 if (atomic_read(&x->refcnt) > 2) {
463 xfrm_state_gc_flush_bundles = 1;
464 schedule_work(&xfrm_state_gc_work);
465 }
466
467 /* All xfrm_state objects are created by xfrm_state_alloc. 450 /* All xfrm_state objects are created by xfrm_state_alloc.
468 * The xfrm_state_alloc call gives a reference, and that 451 * The xfrm_state_alloc call gives a reference, and that
469 * is what we are dropping here. 452 * is what we are dropping here.