diff options
Diffstat (limited to 'main/linux-grsec/0016-xfrm-remove-policy-garbage-collection.patch')
-rw-r--r-- | main/linux-grsec/0016-xfrm-remove-policy-garbage-collection.patch | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/main/linux-grsec/0016-xfrm-remove-policy-garbage-collection.patch b/main/linux-grsec/0016-xfrm-remove-policy-garbage-collection.patch new file mode 100644 index 0000000000..4a45c7f40d --- /dev/null +++ b/main/linux-grsec/0016-xfrm-remove-policy-garbage-collection.patch @@ -0,0 +1,91 @@ +From 4c53c9239069f48ec9a86f8e596c163b72e8bc4d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Wed, 7 Apr 2010 00:30:06 +0000 +Subject: [PATCH 16/18] xfrm: remove policy garbage collection + +Policies are now properly reference counted and destroyed from +all code paths. The delayed gc is just an overhead now and can +be removed. + +Signed-off-by: Timo Teras <timo.teras@iki.fi> +Signed-off-by: David S. Miller <davem@davemloft.net> +(cherry picked from commit 285ead175c5dd5075cab5b6c94f35a3e6c0a3ae6) +--- + net/xfrm/xfrm_policy.c | 39 +++++---------------------------------- + 1 files changed, 5 insertions(+), 34 deletions(-) + +diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c +index 0379d82..5606841 100644 +--- a/net/xfrm/xfrm_policy.c ++++ b/net/xfrm/xfrm_policy.c +@@ -46,9 +46,6 @@ static struct xfrm_policy_afinfo *xfrm_policy_afinfo[NPROTO]; + + static struct kmem_cache *xfrm_dst_cache __read_mostly; + +-static HLIST_HEAD(xfrm_policy_gc_list); +-static DEFINE_SPINLOCK(xfrm_policy_gc_lock); +- + static struct xfrm_policy_afinfo *xfrm_policy_get_afinfo(unsigned short family); + static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo); + static void xfrm_init_pmtu(struct dst_entry *dst); +@@ -288,32 +285,6 @@ void xfrm_policy_destroy(struct xfrm_policy *policy) + } + EXPORT_SYMBOL(xfrm_policy_destroy); + +-static void xfrm_policy_gc_kill(struct xfrm_policy *policy) +-{ +- atomic_inc(&policy->genid); +- +- if (del_timer(&policy->timer)) +- atomic_dec(&policy->refcnt); +- +- xfrm_pol_put(policy); +-} +- +-static void xfrm_policy_gc_task(struct work_struct *work) +-{ +- struct xfrm_policy *policy; +- struct hlist_node *entry, *tmp; +- struct hlist_head gc_list; +- +- spin_lock_bh(&xfrm_policy_gc_lock); +- gc_list.first = xfrm_policy_gc_list.first; +- INIT_HLIST_HEAD(&xfrm_policy_gc_list); +- spin_unlock_bh(&xfrm_policy_gc_lock); +- +- hlist_for_each_entry_safe(policy, entry, tmp, &gc_list, bydst) +- xfrm_policy_gc_kill(policy); +-} +-static DECLARE_WORK(xfrm_policy_gc_work, xfrm_policy_gc_task); +- + /* Rule must be locked. Release descentant resources, announce + * entry dead. The rule must be unlinked from lists to the moment. + */ +@@ -322,11 +293,12 @@ static void xfrm_policy_kill(struct xfrm_policy *policy) + { + policy->walk.dead = 1; + +- spin_lock_bh(&xfrm_policy_gc_lock); +- hlist_add_head(&policy->bydst, &xfrm_policy_gc_list); +- spin_unlock_bh(&xfrm_policy_gc_lock); ++ atomic_inc(&policy->genid); + +- schedule_work(&xfrm_policy_gc_work); ++ if (del_timer(&policy->timer)) ++ xfrm_pol_put(policy); ++ ++ xfrm_pol_put(policy); + } + + static unsigned int xfrm_policy_hashmax __read_mostly = 1 * 1024 * 1024; +@@ -2535,7 +2507,6 @@ static void xfrm_policy_fini(struct net *net) + audit_info.sessionid = -1; + audit_info.secid = 0; + xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info); +- flush_work(&xfrm_policy_gc_work); + + WARN_ON(!list_empty(&net->xfrm.policy_all)); + +-- +1.7.0.2 + |