diff options
| author | dpward <david.ward@ll.mit.edu> | 2011-08-31 02:05:27 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2011-09-15 14:49:44 -0400 |
| commit | 0542b69e2c57fc9668ce6a03155bea6e1f557901 (patch) | |
| tree | 42fd6ce7ca11daeefc815271488e7fa92721f909 /net | |
| parent | 02009afc223aae43b8e18918fc816e4520791537 (diff) | |
net: Make flow cache namespace-aware
flow_cache_lookup will return a cached object (or null pointer) that the
resolver (i.e. xfrm_policy_lookup) previously found for another namespace
using the same key/family/dir. Instead, make the namespace part of what
identifies entries in the cache.
As before, flow_entry_valid will return 0 for entries where the namespace
has been deleted, and they will be removed from the cache the next time
flow_cache_gc_task is run.
Reported-by: Andrew Dickinson <whydna@whydna.net>
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/flow.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/net/core/flow.c b/net/core/flow.c index bf32c33cad3b..47b6d26c2afb 100644 --- a/net/core/flow.c +++ b/net/core/flow.c | |||
| @@ -30,6 +30,7 @@ struct flow_cache_entry { | |||
| 30 | struct hlist_node hlist; | 30 | struct hlist_node hlist; |
| 31 | struct list_head gc_list; | 31 | struct list_head gc_list; |
| 32 | } u; | 32 | } u; |
| 33 | struct net *net; | ||
| 33 | u16 family; | 34 | u16 family; |
| 34 | u8 dir; | 35 | u8 dir; |
| 35 | u32 genid; | 36 | u32 genid; |
| @@ -232,7 +233,8 @@ flow_cache_lookup(struct net *net, const struct flowi *key, u16 family, u8 dir, | |||
| 232 | 233 | ||
| 233 | hash = flow_hash_code(fc, fcp, key); | 234 | hash = flow_hash_code(fc, fcp, key); |
| 234 | hlist_for_each_entry(tfle, entry, &fcp->hash_table[hash], u.hlist) { | 235 | hlist_for_each_entry(tfle, entry, &fcp->hash_table[hash], u.hlist) { |
| 235 | if (tfle->family == family && | 236 | if (tfle->net == net && |
| 237 | tfle->family == family && | ||
| 236 | tfle->dir == dir && | 238 | tfle->dir == dir && |
| 237 | flow_key_compare(key, &tfle->key) == 0) { | 239 | flow_key_compare(key, &tfle->key) == 0) { |
| 238 | fle = tfle; | 240 | fle = tfle; |
| @@ -246,6 +248,7 @@ flow_cache_lookup(struct net *net, const struct flowi *key, u16 family, u8 dir, | |||
| 246 | 248 | ||
| 247 | fle = kmem_cache_alloc(flow_cachep, GFP_ATOMIC); | 249 | fle = kmem_cache_alloc(flow_cachep, GFP_ATOMIC); |
| 248 | if (fle) { | 250 | if (fle) { |
| 251 | fle->net = net; | ||
| 249 | fle->family = family; | 252 | fle->family = family; |
| 250 | fle->dir = dir; | 253 | fle->dir = dir; |
| 251 | memcpy(&fle->key, key, sizeof(*key)); | 254 | memcpy(&fle->key, key, sizeof(*key)); |