netns xfrm: policy walking in netns
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
8d1211a6aa
commit
cdcbca7c1f
|
@ -1435,7 +1435,7 @@ static inline int xfrm4_udp_encap_rcv(struct sock *sk, struct sk_buff *skb)
|
||||||
struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp);
|
struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp);
|
||||||
|
|
||||||
extern void xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type);
|
extern void xfrm_policy_walk_init(struct xfrm_policy_walk *walk, u8 type);
|
||||||
extern int xfrm_policy_walk(struct xfrm_policy_walk *walk,
|
extern int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk,
|
||||||
int (*func)(struct xfrm_policy *, int, int, void*), void *);
|
int (*func)(struct xfrm_policy *, int, int, void*), void *);
|
||||||
extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk);
|
extern void xfrm_policy_walk_done(struct xfrm_policy_walk *walk);
|
||||||
int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
|
int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl);
|
||||||
|
|
|
@ -1846,7 +1846,7 @@ static u32 gen_reqid(void)
|
||||||
if (reqid == 0)
|
if (reqid == 0)
|
||||||
reqid = IPSEC_MANUAL_REQID_MAX+1;
|
reqid = IPSEC_MANUAL_REQID_MAX+1;
|
||||||
xfrm_policy_walk_init(&walk, XFRM_POLICY_TYPE_MAIN);
|
xfrm_policy_walk_init(&walk, XFRM_POLICY_TYPE_MAIN);
|
||||||
rc = xfrm_policy_walk(&walk, check_reqid, (void*)&reqid);
|
rc = xfrm_policy_walk(&init_net, &walk, check_reqid, (void*)&reqid);
|
||||||
xfrm_policy_walk_done(&walk);
|
xfrm_policy_walk_done(&walk);
|
||||||
if (rc != -EEXIST)
|
if (rc != -EEXIST)
|
||||||
return reqid;
|
return reqid;
|
||||||
|
@ -2633,7 +2633,7 @@ static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr)
|
||||||
|
|
||||||
static int pfkey_dump_sp(struct pfkey_sock *pfk)
|
static int pfkey_dump_sp(struct pfkey_sock *pfk)
|
||||||
{
|
{
|
||||||
return xfrm_policy_walk(&pfk->dump.u.policy, dump_sp, (void *) pfk);
|
return xfrm_policy_walk(&init_net, &pfk->dump.u.policy, dump_sp, (void *) pfk);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void pfkey_dump_sp_done(struct pfkey_sock *pfk)
|
static void pfkey_dump_sp_done(struct pfkey_sock *pfk)
|
||||||
|
|
|
@ -851,7 +851,7 @@ out:
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL(xfrm_policy_flush);
|
EXPORT_SYMBOL(xfrm_policy_flush);
|
||||||
|
|
||||||
int xfrm_policy_walk(struct xfrm_policy_walk *walk,
|
int xfrm_policy_walk(struct net *net, struct xfrm_policy_walk *walk,
|
||||||
int (*func)(struct xfrm_policy *, int, int, void*),
|
int (*func)(struct xfrm_policy *, int, int, void*),
|
||||||
void *data)
|
void *data)
|
||||||
{
|
{
|
||||||
|
@ -868,10 +868,10 @@ int xfrm_policy_walk(struct xfrm_policy_walk *walk,
|
||||||
|
|
||||||
write_lock_bh(&xfrm_policy_lock);
|
write_lock_bh(&xfrm_policy_lock);
|
||||||
if (list_empty(&walk->walk.all))
|
if (list_empty(&walk->walk.all))
|
||||||
x = list_first_entry(&init_net.xfrm.policy_all, struct xfrm_policy_walk_entry, all);
|
x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all);
|
||||||
else
|
else
|
||||||
x = list_entry(&walk->walk.all, struct xfrm_policy_walk_entry, all);
|
x = list_entry(&walk->walk.all, struct xfrm_policy_walk_entry, all);
|
||||||
list_for_each_entry_from(x, &init_net.xfrm.policy_all, all) {
|
list_for_each_entry_from(x, &net->xfrm.policy_all, all) {
|
||||||
if (x->dead)
|
if (x->dead)
|
||||||
continue;
|
continue;
|
||||||
pol = container_of(x, struct xfrm_policy, walk);
|
pol = container_of(x, struct xfrm_policy, walk);
|
||||||
|
|
|
@ -1279,7 +1279,7 @@ static int xfrm_dump_policy(struct sk_buff *skb, struct netlink_callback *cb)
|
||||||
xfrm_policy_walk_init(walk, XFRM_POLICY_TYPE_ANY);
|
xfrm_policy_walk_init(walk, XFRM_POLICY_TYPE_ANY);
|
||||||
}
|
}
|
||||||
|
|
||||||
(void) xfrm_policy_walk(walk, dump_one_policy, &info);
|
(void) xfrm_policy_walk(&init_net, walk, dump_one_policy, &info);
|
||||||
|
|
||||||
return skb->len;
|
return skb->len;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue