Hi Dave:
This patch wakes up km_waitq everytime the SPD is manipulated. Without
this, the KM can only unblock pending connections by adding states. For
example, if Opportunistic Encryption fails, FreeSWAN adds a pass policy
to let traffic through. Without this patch, the packet that caused this
ends up being dropped.
Cheers,
--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Index: kernel-source-2.5/net/xfrm/xfrm_policy.c
===================================================================
RCS file: /home/gondolin/herbert/src/CVS/debian/kernel-source-2.5/net/xfrm/xfrm_policy.c,v
retrieving revision 1.7
diff -u -r1.7 xfrm_policy.c
--- kernel-source-2.5/net/xfrm/xfrm_policy.c 13 Jun 2003 11:22:19 -0000 1.7
+++ kernel-source-2.5/net/xfrm/xfrm_policy.c 13 Jun 2003 12:09:29 -0000
@@ -319,6 +319,7 @@
if (delpol) {
xfrm_policy_kill(delpol);
}
+ wake_up(&km_waitq);
return 0;
}
@@ -336,9 +337,10 @@
}
}
if (pol) {
- if (delete)
+ if (delete) {
atomic_inc(&flow_cache_genid);
- else
+ wake_up(&km_waitq);
+ } else
xfrm_pol_hold(pol);
}
write_unlock_bh(&xfrm_policy_lock);
@@ -358,9 +360,10 @@
}
}
if (pol) {
- if (delete)
+ if (delete) {
atomic_inc(&flow_cache_genid);
- else
+ wake_up(&km_waitq);
+ } else
xfrm_pol_hold(pol);
}
write_unlock_bh(&xfrm_policy_lock);
@@ -385,6 +388,7 @@
}
atomic_inc(&flow_cache_genid);
write_unlock_bh(&xfrm_policy_lock);
+ wake_up(&km_waitq);
}
int xfrm_policy_walk(int (*func)(struct xfrm_policy *, int, int, void*),
@@ -504,6 +508,7 @@
if (old_pol) {
xfrm_policy_kill(old_pol);
}
+ wake_up(&km_waitq);
return 0;
}
