summaryrefslogtreecommitdiffstats
path: root/net/ipv4/xfrm4_policy.c
diff options
context:
space:
mode:
authorDavid S. Miller <davem@sunset.davemloft.net>2006-08-24 03:18:09 -0700
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 15:08:42 -0700
commit9d4a706d852411154d0c91b9ffb3bec68b94b25c (patch)
tree1613607168baa8b654c300895cd7d0ffb6f18581 /net/ipv4/xfrm4_policy.c
parentf034b5d4efdfe0fb9e2a1ce1d95fa7914f24de49 (diff)
downloadlinux-9d4a706d852411154d0c91b9ffb3bec68b94b25c.tar.gz
linux-9d4a706d852411154d0c91b9ffb3bec68b94b25c.tar.bz2
linux-9d4a706d852411154d0c91b9ffb3bec68b94b25c.zip
[XFRM]: Add generation count to xfrm_state and xfrm_dst.
Each xfrm_state inserted gets a new generation counter value. When a bundle is created, the xfrm_dst objects get the current generation counter of the xfrm_state they will attach to at dst->xfrm. xfrm_bundle_ok() will return false if it sees an xfrm_dst with a generation count different from the generation count of the xfrm_state that dst points to. This provides a facility by which to passively and cheaply invalidate cached IPSEC routes during SA database changes. Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/xfrm4_policy.c')
-rw-r--r--net/ipv4/xfrm4_policy.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 42d8ded0f96a..479598566f1d 100644
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -93,6 +93,7 @@ __xfrm4_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int
xdst = (struct xfrm_dst *)dst1;
xdst->route = &rt->u.dst;
+ xdst->genid = xfrm[i]->genid;
dst1->next = dst_prev;
dst_prev = dst1;