[XFRM]: Clearing xfrm_policy_count[] to zero during flush is incorrect.

When we flush policies, we do a type match so we might not actually delete all policies matching a certain direction. So keep track of how many policies we actually kill and subtract that number from xfrm_policy_count[dir] at the end. Based upon a patch by Masahide NAKAMURA. Signed-off-by: David S. Miller <davem@davemloft.net>

[XFRM]: Clearing xfrm_policy_count[] to zero during flush is incorrect.
When we flush policies, we do a type match so we might not actually delete all policies matching a certain direction. So keep track of how many policies we actually kill and subtract that number from xfrm_policy_count[dir] at the end. Based upon a patch by Masahide NAKAMURA. Signed-off-by: David S. Miller <davem@davemloft.net>
ae8c0577 · David S. Miller · 667bbcb6 · ae8c0577
Commit ae8c0577 authored Oct 03, 2006 by David S. Miller
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

net/xfrm/xfrm_policy.c net/xfrm/xfrm_policy.c +5 -2

No files found.
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -778,8 +778,9 @@ void xfrm_policy_flush(u8 type)
 	for (dir = 0; dir < XFRM_POLICY_MAX; dir++) {
 		struct xfrm_policy *pol;
 		struct hlist_node *entry;
-		int i;
+		int i, killed;

+		killed = 0;
 	again1:
 		hlist_for_each_entry(pol, entry,
 				     &xfrm_policy_inexact[dir], bydst) {
@@ -790,6 +791,7 @@ void xfrm_policy_flush(u8 type)
 			write_unlock_bh(&xfrm_policy_lock);

 			xfrm_policy_kill(pol);
+			killed++;

 			write_lock_bh(&xfrm_policy_lock);
 			goto again1;
@@ -807,13 +809,14 @@ void xfrm_policy_flush(u8 type)
 				write_unlock_bh(&xfrm_policy_lock);

 				xfrm_policy_kill(pol);
+				killed++;

 				write_lock_bh(&xfrm_policy_lock);
 				goto again2;
 			}
 		}

-		xfrm_policy_count[dir] = 0;
+		xfrm_policy_count[dir] -= killed;
 	}
 	atomic_inc(&flow_cache_genid);
 	write_unlock_bh(&xfrm_policy_lock);