aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm
diff options
context:
space:
mode:
Diffstat (limited to 'net/xfrm')
-rw-r--r--net/xfrm/xfrm_policy.c3
-rw-r--r--net/xfrm/xfrm_state.c15
2 files changed, 11 insertions, 7 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index b8bab89616a0..64a375178c5f 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -26,10 +26,11 @@
26#include <net/xfrm.h> 26#include <net/xfrm.h>
27#include <net/ip.h> 27#include <net/ip.h>
28#include <linux/audit.h> 28#include <linux/audit.h>
29#include <linux/cache.h>
29 30
30#include "xfrm_hash.h" 31#include "xfrm_hash.h"
31 32
32int sysctl_xfrm_larval_drop; 33int sysctl_xfrm_larval_drop __read_mostly;
33 34
34DEFINE_MUTEX(xfrm_cfg_mutex); 35DEFINE_MUTEX(xfrm_cfg_mutex);
35EXPORT_SYMBOL(xfrm_cfg_mutex); 36EXPORT_SYMBOL(xfrm_cfg_mutex);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 9955ff4da0a2..372f06eb8bb7 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -21,18 +21,21 @@
21#include <linux/cache.h> 21#include <linux/cache.h>
22#include <asm/uaccess.h> 22#include <asm/uaccess.h>
23#include <linux/audit.h> 23#include <linux/audit.h>
24#include <linux/cache.h>
24 25
25#include "xfrm_hash.h" 26#include "xfrm_hash.h"
26 27
27struct sock *xfrm_nl; 28struct sock *xfrm_nl;
28EXPORT_SYMBOL(xfrm_nl); 29EXPORT_SYMBOL(xfrm_nl);
29 30
30u32 sysctl_xfrm_aevent_etime = XFRM_AE_ETIME; 31u32 sysctl_xfrm_aevent_etime __read_mostly = XFRM_AE_ETIME;
31EXPORT_SYMBOL(sysctl_xfrm_aevent_etime); 32EXPORT_SYMBOL(sysctl_xfrm_aevent_etime);
32 33
33u32 sysctl_xfrm_aevent_rseqth = XFRM_AE_SEQT_SIZE; 34u32 sysctl_xfrm_aevent_rseqth __read_mostly = XFRM_AE_SEQT_SIZE;
34EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth); 35EXPORT_SYMBOL(sysctl_xfrm_aevent_rseqth);
35 36
37u32 sysctl_xfrm_acq_expires __read_mostly = 30;
38
36/* Each xfrm_state may be linked to two tables: 39/* Each xfrm_state may be linked to two tables:
37 40
38 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl) 41 1. Hash table by (spi,daddr,ah/esp) to find SA by SPI. (input,ctl)
@@ -622,8 +625,8 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
622 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family); 625 h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family);
623 hlist_add_head(&x->byspi, xfrm_state_byspi+h); 626 hlist_add_head(&x->byspi, xfrm_state_byspi+h);
624 } 627 }
625 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES; 628 x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
626 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ; 629 x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ;
627 add_timer(&x->timer); 630 add_timer(&x->timer);
628 xfrm_state_num++; 631 xfrm_state_num++;
629 xfrm_hash_grow_check(x->bydst.next != NULL); 632 xfrm_hash_grow_check(x->bydst.next != NULL);
@@ -772,9 +775,9 @@ static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 re
772 x->props.family = family; 775 x->props.family = family;
773 x->props.mode = mode; 776 x->props.mode = mode;
774 x->props.reqid = reqid; 777 x->props.reqid = reqid;
775 x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES; 778 x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
776 xfrm_state_hold(x); 779 xfrm_state_hold(x);
777 x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ; 780 x->timer.expires = jiffies + sysctl_xfrm_acq_expires*HZ;
778 add_timer(&x->timer); 781 add_timer(&x->timer);
779 hlist_add_head(&x->bydst, xfrm_state_bydst+h); 782 hlist_add_head(&x->bydst, xfrm_state_bydst+h);
780 h = xfrm_src_hash(daddr, saddr, family); 783 h = xfrm_src_hash(daddr, saddr, family);
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-14 20:53:04 -0500