From 9d4139c76905833afcb77fe8ccc17f302a0eb9ab Mon Sep 17 00:00:00 2001 From: Alexey Dobriyan Date: Tue, 25 Nov 2008 17:16:11 -0800 Subject: netns xfrm: per-netns xfrm_state_all list This is done to get a) simple "something leaked" check b) cover possible DoSes when other netns puts many, many xfrm_states onto a list. c) not miss "alien xfrm_state" check in some of list iterators in future. Signed-off-by: Alexey Dobriyan Signed-off-by: David S. Miller --- include/net/netns/xfrm.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/net/netns') diff --git a/include/net/netns/xfrm.h b/include/net/netns/xfrm.h index 1cb0024a3b47..6ae234a16517 100644 --- a/include/net/netns/xfrm.h +++ b/include/net/netns/xfrm.h @@ -1,7 +1,10 @@ #ifndef __NETNS_XFRM_H #define __NETNS_XFRM_H +#include + struct netns_xfrm { + struct list_head state_all; }; #endif -- cgit v1.2.2