netns xfrm: state flush in netns

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Alexey Dobriyan <adobriyan@gmail.com> 2008-11-25 20:30:18 -0500
committer: David S. Miller <davem@davemloft.net> 2008-11-25 20:30:18 -0500
commit: 0e6024519b4da2d9413b97be1de8122d5709ccc1 (patch)
tree: 169bb5b6b763dbb63ccb23decd36441daa8398ca /net/xfrm
parent: 98806f75ba2afc716e4d2f915d3ac7687546f9c0 (diff)
2 files changed, 10 insertions, 10 deletions
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index f3f635d4ee66..5f4c5340ba30 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -576,15 +576,15 @@ EXPORT_SYMBOL(xfrm_state_delete);
 #ifdef CONFIG_SECURITY_NETWORK_XFRM
 static inline int
-xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
+xfrm_state_flush_secctx_check(struct net *net, u8 proto, struct xfrm_audit *audit_info)
 {
        int i, err = 0;
-        for (i = 0; i <= init_net.xfrm.state_hmask; i++) {
+        for (i = 0; i <= net->xfrm.state_hmask; i++) {
                struct hlist_node *entry;
                struct xfrm_state *x;
-                hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+i, bydst) {
+                hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) {
                        if (xfrm_id_proto_match(x->id.proto, proto) &&
                           (err = security_xfrm_state_delete(x)) != 0) {
                                xfrm_audit_state_delete(x, 0,
@@ -600,26 +600,26 @@ xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
 }
 #else
 static inline int
-xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
+xfrm_state_flush_secctx_check(struct net *net, u8 proto, struct xfrm_audit *audit_info)
 {
        return 0;
 }
 #endif
-int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info)
+int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info)
 {
        int i, err = 0;
        spin_lock_bh(&xfrm_state_lock);
-        err = xfrm_state_flush_secctx_check(proto, audit_info);
+        err = xfrm_state_flush_secctx_check(net, proto, audit_info);
        if (err)
                goto out;
-        for (i = 0; i <= init_net.xfrm.state_hmask; i++) {
+        for (i = 0; i <= net->xfrm.state_hmask; i++) {
                struct hlist_node *entry;
                struct xfrm_state *x;
 restart:
-                hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+i, bydst) {
+                hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) {
                        if (!xfrm_state_kern(x) &&
                            xfrm_id_proto_match(x->id.proto, proto)) {
                                xfrm_state_hold(x);
@@ -641,7 +641,7 @@ restart:
 out:
        spin_unlock_bh(&xfrm_state_lock);
-        wake_up(&init_net.xfrm.km_waitq);
+        wake_up(&net->xfrm.km_waitq);
        return err;
 }
 EXPORT_SYMBOL(xfrm_state_flush);
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 765c01e784e9..49a7e897ba96 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1398,7 +1398,7 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        audit_info.loginuid = NETLINK_CB(skb).loginuid;
        audit_info.sessionid = NETLINK_CB(skb).sessionid;
        audit_info.secid = NETLINK_CB(skb).sid;
-        err = xfrm_state_flush(p->proto, &audit_info);
+        err = xfrm_state_flush(&init_net, p->proto, &audit_info);
        if (err)
                return err;
        c.data.proto = p->proto;
author	Alexey Dobriyan <adobriyan@gmail.com>	2008-11-25 20:30:18 -0500
committer	David S. Miller <davem@davemloft.net>	2008-11-25 20:30:18 -0500
commit	0e6024519b4da2d9413b97be1de8122d5709ccc1 (patch)
tree	169bb5b6b763dbb63ccb23decd36441daa8398ca /net/xfrm
parent	98806f75ba2afc716e4d2f915d3ac7687546f9c0 (diff)

diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index f3f635d4ee66..5f4c5340ba30 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c
@@ -576,15 +576,15 @@ EXPORT_SYMBOL(xfrm_state_delete);
576		576
577	#ifdef CONFIG_SECURITY_NETWORK_XFRM	577	#ifdef CONFIG_SECURITY_NETWORK_XFRM
578	static inline int	578	static inline int
579	xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)	579	xfrm_state_flush_secctx_check(struct net net, u8 proto, struct xfrm_audit audit_info)
580	{	580	{
581	int i, err = 0;	581	int i, err = 0;
582		582
583	for (i = 0; i <= init_net.xfrm.state_hmask; i++) {	583	for (i = 0; i <= net->xfrm.state_hmask; i++) {
584	struct hlist_node *entry;	584	struct hlist_node *entry;
585	struct xfrm_state *x;	585	struct xfrm_state *x;
586		586
587	hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+i, bydst) {	587	hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) {
588	if (xfrm_id_proto_match(x->id.proto, proto) &&	588	if (xfrm_id_proto_match(x->id.proto, proto) &&
589	(err = security_xfrm_state_delete(x)) != 0) {	589	(err = security_xfrm_state_delete(x)) != 0) {
590	xfrm_audit_state_delete(x, 0,	590	xfrm_audit_state_delete(x, 0,
@@ -600,26 +600,26 @@ xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
600	}	600	}
601	#else	601	#else
602	static inline int	602	static inline int
603	xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)	603	xfrm_state_flush_secctx_check(struct net net, u8 proto, struct xfrm_audit audit_info)
604	{	604	{
605	return 0;	605	return 0;
606	}	606	}
607	#endif	607	#endif
608		608
609	int xfrm_state_flush(u8 proto, struct xfrm_audit *audit_info)	609	int xfrm_state_flush(struct net net, u8 proto, struct xfrm_audit audit_info)
610	{	610	{
611	int i, err = 0;	611	int i, err = 0;
612		612
613	spin_lock_bh(&xfrm_state_lock);	613	spin_lock_bh(&xfrm_state_lock);
614	err = xfrm_state_flush_secctx_check(proto, audit_info);	614	err = xfrm_state_flush_secctx_check(net, proto, audit_info);
615	if (err)	615	if (err)
616	goto out;	616	goto out;
617		617
618	for (i = 0; i <= init_net.xfrm.state_hmask; i++) {	618	for (i = 0; i <= net->xfrm.state_hmask; i++) {
619	struct hlist_node *entry;	619	struct hlist_node *entry;
620	struct xfrm_state *x;	620	struct xfrm_state *x;
621	restart:	621	restart:
622	hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+i, bydst) {	622	hlist_for_each_entry(x, entry, net->xfrm.state_bydst+i, bydst) {
623	if (!xfrm_state_kern(x) &&	623	if (!xfrm_state_kern(x) &&
624	xfrm_id_proto_match(x->id.proto, proto)) {	624	xfrm_id_proto_match(x->id.proto, proto)) {
625	xfrm_state_hold(x);	625	xfrm_state_hold(x);
@@ -641,7 +641,7 @@ restart:
641		641
642	out:	642	out:
643	spin_unlock_bh(&xfrm_state_lock);	643	spin_unlock_bh(&xfrm_state_lock);
644	wake_up(&init_net.xfrm.km_waitq);	644	wake_up(&net->xfrm.km_waitq);
645	return err;	645	return err;
646	}	646	}
647	EXPORT_SYMBOL(xfrm_state_flush);	647	EXPORT_SYMBOL(xfrm_state_flush);


diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 765c01e784e9..49a7e897ba96 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c
@@ -1398,7 +1398,7 @@ static int xfrm_flush_sa(struct sk_buff skb, struct nlmsghdr nlh,
1398	audit_info.loginuid = NETLINK_CB(skb).loginuid;	1398	audit_info.loginuid = NETLINK_CB(skb).loginuid;
1399	audit_info.sessionid = NETLINK_CB(skb).sessionid;	1399	audit_info.sessionid = NETLINK_CB(skb).sessionid;
1400	audit_info.secid = NETLINK_CB(skb).sid;	1400	audit_info.secid = NETLINK_CB(skb).sid;
1401	err = xfrm_state_flush(p->proto, &audit_info);	1401	err = xfrm_state_flush(&init_net, p->proto, &audit_info);
1402	if (err)	1402	if (err)
1403	return err;	1403	return err;
1404	c.data.proto = p->proto;	1404	c.data.proto = p->proto;