xfrm: invalidate dst on policy insertion/deletion
When a policy is inserted or deleted, all dst should be recalculated. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
b42664f898
commit
ee8372dd19
|
@ -585,6 +585,7 @@ int xfrm_policy_insert(int dir, struct xfrm_policy *policy, int excl)
|
|||
xfrm_pol_hold(policy);
|
||||
net->xfrm.policy_count[dir]++;
|
||||
atomic_inc(&flow_cache_genid);
|
||||
rt_genid_bump(net);
|
||||
if (delpol)
|
||||
__xfrm_policy_unlink(delpol, dir);
|
||||
policy->index = delpol ? delpol->index : xfrm_gen_index(net, dir);
|
||||
|
|
|
@ -51,6 +51,7 @@ int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall);
|
|||
static inline void selinux_xfrm_notify_policyload(void)
|
||||
{
|
||||
atomic_inc(&flow_cache_genid);
|
||||
rt_genid_bump(&init_net);
|
||||
}
|
||||
#else
|
||||
static inline int selinux_xfrm_enabled(void)
|
||||
|
|
Loading…
Reference in New Issue