提交 64d0cd00 编写于 作者: A Alexey Dobriyan 提交者: David S. Miller

netns xfrm: propagate netns into bydst/bysrc/byspi hash functions

Signed-off-by: NAlexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 66caf628
...@@ -57,25 +57,27 @@ static void xfrm_audit_state_replay(struct xfrm_state *x, ...@@ -57,25 +57,27 @@ static void xfrm_audit_state_replay(struct xfrm_state *x,
#define xfrm_audit_state_replay(x, s, sq) do { ; } while (0) #define xfrm_audit_state_replay(x, s, sq) do { ; } while (0)
#endif /* CONFIG_AUDITSYSCALL */ #endif /* CONFIG_AUDITSYSCALL */
static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr, static inline unsigned int xfrm_dst_hash(struct net *net,
xfrm_address_t *daddr,
xfrm_address_t *saddr, xfrm_address_t *saddr,
u32 reqid, u32 reqid,
unsigned short family) unsigned short family)
{ {
return __xfrm_dst_hash(daddr, saddr, reqid, family, init_net.xfrm.state_hmask); return __xfrm_dst_hash(daddr, saddr, reqid, family, net->xfrm.state_hmask);
} }
static inline unsigned int xfrm_src_hash(xfrm_address_t *daddr, static inline unsigned int xfrm_src_hash(struct net *net,
xfrm_address_t *daddr,
xfrm_address_t *saddr, xfrm_address_t *saddr,
unsigned short family) unsigned short family)
{ {
return __xfrm_src_hash(daddr, saddr, family, init_net.xfrm.state_hmask); return __xfrm_src_hash(daddr, saddr, family, net->xfrm.state_hmask);
} }
static inline unsigned int static inline unsigned int
xfrm_spi_hash(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) xfrm_spi_hash(struct net *net, xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
{ {
return __xfrm_spi_hash(daddr, spi, proto, family, init_net.xfrm.state_hmask); return __xfrm_spi_hash(daddr, spi, proto, family, net->xfrm.state_hmask);
} }
static void xfrm_hash_transfer(struct hlist_head *list, static void xfrm_hash_transfer(struct hlist_head *list,
...@@ -666,7 +668,7 @@ xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl, ...@@ -666,7 +668,7 @@ xfrm_init_tempsel(struct xfrm_state *x, struct flowi *fl,
static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family) static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, u8 proto, unsigned short family)
{ {
unsigned int h = xfrm_spi_hash(daddr, spi, proto, family); unsigned int h = xfrm_spi_hash(&init_net, daddr, spi, proto, family);
struct xfrm_state *x; struct xfrm_state *x;
struct hlist_node *entry; struct hlist_node *entry;
...@@ -698,7 +700,7 @@ static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi, ...@@ -698,7 +700,7 @@ static struct xfrm_state *__xfrm_state_lookup(xfrm_address_t *daddr, __be32 spi,
static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family) static struct xfrm_state *__xfrm_state_lookup_byaddr(xfrm_address_t *daddr, xfrm_address_t *saddr, u8 proto, unsigned short family)
{ {
unsigned int h = xfrm_src_hash(daddr, saddr, family); unsigned int h = xfrm_src_hash(&init_net, daddr, saddr, family);
struct xfrm_state *x; struct xfrm_state *x;
struct hlist_node *entry; struct hlist_node *entry;
...@@ -767,7 +769,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, ...@@ -767,7 +769,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
to_put = NULL; to_put = NULL;
spin_lock_bh(&xfrm_state_lock); spin_lock_bh(&xfrm_state_lock);
h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family); h = xfrm_dst_hash(&init_net, daddr, saddr, tmpl->reqid, family);
hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) { hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) {
if (x->props.family == family && if (x->props.family == family &&
x->props.reqid == tmpl->reqid && x->props.reqid == tmpl->reqid &&
...@@ -839,10 +841,10 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, ...@@ -839,10 +841,10 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
x->km.state = XFRM_STATE_ACQ; x->km.state = XFRM_STATE_ACQ;
list_add(&x->km.all, &init_net.xfrm.state_all); list_add(&x->km.all, &init_net.xfrm.state_all);
hlist_add_head(&x->bydst, init_net.xfrm.state_bydst+h); hlist_add_head(&x->bydst, init_net.xfrm.state_bydst+h);
h = xfrm_src_hash(daddr, saddr, family); h = xfrm_src_hash(&init_net, daddr, saddr, family);
hlist_add_head(&x->bysrc, init_net.xfrm.state_bysrc+h); hlist_add_head(&x->bysrc, init_net.xfrm.state_bysrc+h);
if (x->id.spi) { if (x->id.spi) {
h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, family); h = xfrm_spi_hash(&init_net, &x->id.daddr, x->id.spi, x->id.proto, family);
hlist_add_head(&x->byspi, init_net.xfrm.state_byspi+h); hlist_add_head(&x->byspi, init_net.xfrm.state_byspi+h);
} }
x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires; x->lft.hard_add_expires_seconds = sysctl_xfrm_acq_expires;
...@@ -877,7 +879,7 @@ xfrm_stateonly_find(xfrm_address_t *daddr, xfrm_address_t *saddr, ...@@ -877,7 +879,7 @@ xfrm_stateonly_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
struct hlist_node *entry; struct hlist_node *entry;
spin_lock(&xfrm_state_lock); spin_lock(&xfrm_state_lock);
h = xfrm_dst_hash(daddr, saddr, reqid, family); h = xfrm_dst_hash(&init_net, daddr, saddr, reqid, family);
hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) { hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) {
if (x->props.family == family && if (x->props.family == family &&
x->props.reqid == reqid && x->props.reqid == reqid &&
...@@ -908,15 +910,15 @@ static void __xfrm_state_insert(struct xfrm_state *x) ...@@ -908,15 +910,15 @@ static void __xfrm_state_insert(struct xfrm_state *x)
list_add(&x->km.all, &init_net.xfrm.state_all); list_add(&x->km.all, &init_net.xfrm.state_all);
h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr, h = xfrm_dst_hash(&init_net, &x->id.daddr, &x->props.saddr,
x->props.reqid, x->props.family); x->props.reqid, x->props.family);
hlist_add_head(&x->bydst, init_net.xfrm.state_bydst+h); hlist_add_head(&x->bydst, init_net.xfrm.state_bydst+h);
h = xfrm_src_hash(&x->id.daddr, &x->props.saddr, x->props.family); h = xfrm_src_hash(&init_net, &x->id.daddr, &x->props.saddr, x->props.family);
hlist_add_head(&x->bysrc, init_net.xfrm.state_bysrc+h); hlist_add_head(&x->bysrc, init_net.xfrm.state_bysrc+h);
if (x->id.spi) { if (x->id.spi) {
h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, h = xfrm_spi_hash(&init_net, &x->id.daddr, x->id.spi, x->id.proto,
x->props.family); x->props.family);
hlist_add_head(&x->byspi, init_net.xfrm.state_byspi+h); hlist_add_head(&x->byspi, init_net.xfrm.state_byspi+h);
...@@ -942,7 +944,7 @@ static void __xfrm_state_bump_genids(struct xfrm_state *xnew) ...@@ -942,7 +944,7 @@ static void __xfrm_state_bump_genids(struct xfrm_state *xnew)
struct hlist_node *entry; struct hlist_node *entry;
unsigned int h; unsigned int h;
h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family); h = xfrm_dst_hash(&init_net, &xnew->id.daddr, &xnew->props.saddr, reqid, family);
hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) { hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) {
if (x->props.family == family && if (x->props.family == family &&
x->props.reqid == reqid && x->props.reqid == reqid &&
...@@ -964,7 +966,7 @@ EXPORT_SYMBOL(xfrm_state_insert); ...@@ -964,7 +966,7 @@ EXPORT_SYMBOL(xfrm_state_insert);
/* xfrm_state_lock is held */ /* xfrm_state_lock is held */
static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create) static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)
{ {
unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family); unsigned int h = xfrm_dst_hash(&init_net, daddr, saddr, reqid, family);
struct hlist_node *entry; struct hlist_node *entry;
struct xfrm_state *x; struct xfrm_state *x;
...@@ -1037,7 +1039,7 @@ static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 re ...@@ -1037,7 +1039,7 @@ static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 re
add_timer(&x->timer); add_timer(&x->timer);
list_add(&x->km.all, &init_net.xfrm.state_all); list_add(&x->km.all, &init_net.xfrm.state_all);
hlist_add_head(&x->bydst, init_net.xfrm.state_bydst+h); hlist_add_head(&x->bydst, init_net.xfrm.state_bydst+h);
h = xfrm_src_hash(daddr, saddr, family); h = xfrm_src_hash(&init_net, daddr, saddr, family);
hlist_add_head(&x->bysrc, init_net.xfrm.state_bysrc+h); hlist_add_head(&x->bysrc, init_net.xfrm.state_bysrc+h);
init_net.xfrm.state_num++; init_net.xfrm.state_num++;
...@@ -1189,7 +1191,7 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m) ...@@ -1189,7 +1191,7 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
struct hlist_node *entry; struct hlist_node *entry;
if (m->reqid) { if (m->reqid) {
h = xfrm_dst_hash(&m->old_daddr, &m->old_saddr, h = xfrm_dst_hash(&init_net, &m->old_daddr, &m->old_saddr,
m->reqid, m->old_family); m->reqid, m->old_family);
hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) { hlist_for_each_entry(x, entry, init_net.xfrm.state_bydst+h, bydst) {
if (x->props.mode != m->mode || if (x->props.mode != m->mode ||
...@@ -1206,7 +1208,7 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m) ...@@ -1206,7 +1208,7 @@ struct xfrm_state * xfrm_migrate_state_find(struct xfrm_migrate *m)
return x; return x;
} }
} else { } else {
h = xfrm_src_hash(&m->old_daddr, &m->old_saddr, h = xfrm_src_hash(&init_net, &m->old_daddr, &m->old_saddr,
m->old_family); m->old_family);
hlist_for_each_entry(x, entry, init_net.xfrm.state_bysrc+h, bysrc) { hlist_for_each_entry(x, entry, init_net.xfrm.state_bysrc+h, bysrc) {
if (x->props.mode != m->mode || if (x->props.mode != m->mode ||
...@@ -1514,7 +1516,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high) ...@@ -1514,7 +1516,7 @@ int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
} }
if (x->id.spi) { if (x->id.spi) {
spin_lock_bh(&xfrm_state_lock); spin_lock_bh(&xfrm_state_lock);
h = xfrm_spi_hash(&x->id.daddr, x->id.spi, x->id.proto, x->props.family); h = xfrm_spi_hash(&init_net, &x->id.daddr, x->id.spi, x->id.proto, x->props.family);
hlist_add_head(&x->byspi, init_net.xfrm.state_byspi+h); hlist_add_head(&x->byspi, init_net.xfrm.state_byspi+h);
spin_unlock_bh(&xfrm_state_lock); spin_unlock_bh(&xfrm_state_lock);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册