3 files changed, 20 insertions, 16 deletions

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index fd4a300b5baf..a620a43c9eeb 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -996,7 +996,6 @@ struct xfrm_state * xfrm_find_acq(u8 mode, u32 reqid, u8 proto,
 extern void xfrm_policy_flush(u8 type);
 extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
 extern int xfrm_flush_bundles(void);
-extern void xfrm_flush_all_bundles(void);
 extern int xfrm_bundle_ok(struct xfrm_dst *xdst, struct flowi *fl, int family, int strict);
 extern void xfrm_init_pmtu(struct dst_entry *dst);
 
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 7fc6944ee36f..cfa5c692f2e8 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1478,16 +1478,6 @@ int xfrm_flush_bundles(void)
         return 0;
 }
 
-static int always_true(struct dst_entry *dst)
-{
-        return 1;
-}
-
-void xfrm_flush_all_bundles(void)
-{
-        xfrm_prune_bundles(always_true);
-}
-
 void xfrm_init_pmtu(struct dst_entry *dst)
 {
         do {
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 98200397e098..77ef796c9d0d 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -761,13 +761,30 @@ static void __xfrm_state_insert(struct xfrm_state *x)
                 schedule_work(&xfrm_hash_work);
 }
 
+/* xfrm_state_lock is held */
+static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
+{
+        unsigned short family = xnew->props.family;
+        u32 reqid = xnew->props.reqid;
+        struct xfrm_state *x;
+        struct hlist_node *entry;
+        unsigned int h;
+
+        h = xfrm_dst_hash(&xnew->id.daddr, reqid, family);
+        hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {
+                if (x->props.family     == family &&
+                    x->props.reqid      == reqid &&
+                    !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family))
+                        x->genid = xfrm_state_genid;
+        }
+}
+
 void xfrm_state_insert(struct xfrm_state *x)
 {
         spin_lock_bh(&xfrm_state_lock);
+        __xfrm_state_bump_genids(x);
         __xfrm_state_insert(x);
         spin_unlock_bh(&xfrm_state_lock);
-
-        xfrm_flush_all_bundles();
 }
 EXPORT_SYMBOL(xfrm_state_insert);
 
@@ -889,15 +906,13 @@ int xfrm_state_add(struct xfrm_state *x)
                                      x->id.proto,
                                      &x->id.daddr, &x->props.saddr, 0);
 
+        __xfrm_state_bump_genids(x);
         __xfrm_state_insert(x);
         err = 0;
 
 out:
         spin_unlock_bh(&xfrm_state_lock);
 
-        if (!err)
-                xfrm_flush_all_bundles();
-
         if (x1) {
                 xfrm_state_delete(x1);
                 xfrm_state_put(x1);