Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-30 14:52:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
6d7581e62f
linux/net
History
Paul Moore e4c1721642 xfrm: force a garbage collection after deleting a policy 
In some cases after deleting a policy from the SPD the policy would
remain in the dst/flow/route cache for an extended period of time
which caused problems for SELinux as its dynamic network access
controls key off of the number of XFRM policy and state entries.
This patch corrects this problem by forcing a XFRM garbage collection
whenever a policy is sucessfully removed.

Reported-by: Ondrej Moris <omoris@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-05-31 17:30:07 -07:00
..
9p Lots of virtio work which wasn't quite ready for last merge window. Plus 2013-05-02 14:14:04 -07:00
802 net/802/mrp: fix lockdep splat 2013-05-14 13:02:30 -07:00
8021q net: vlan,ethtool: netdev_features_t is more than 32 bit 2013-05-02 13:58:12 -04:00
appletalk
atm Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
ax25
batman-adv batman-adv: Avoid double freeing of bat_counters 2013-05-21 21:34:36 +02:00
bluetooth Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
bridge netfilter: log: netns NULL ptr bug when calling from conntrack 2013-05-15 14:11:07 +02:00
caif
can Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
ceph libceph: init sent and completed when starting 2013-05-13 12:52:23 -05:00
core net/core: dev_mc_sync_multiple calls wrong helper 2013-05-31 16:56:56 -07:00
dcb
dccp
decnet
dns_resolver
dsa
ethernet
ieee802154
ipv4 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2013-05-30 16:38:38 -07:00
ipv6 udp6: Fix udp fragmentation for tunnel traffic. 2013-05-31 17:06:07 -07:00
ipx
irda net: irda: using kzalloc() instead of kmalloc() to avoid strncpy() issue. 2013-05-19 15:10:47 -07:00
iucv
key xfrm: force a garbage collection after deleting a policy 2013-05-31 17:30:07 -07:00
l2tp
lapb
llc
mac80211 mac80211: Allow single vif mac address change with addr_mask 2013-05-27 11:26:48 +02:00
mac802154
netfilter ipvs: ip_vs_sh: fix build 2013-05-29 17:50:39 +02:00
netlabel netlabel: improve domain mapping validation 2013-05-19 14:49:55 -07:00
netlink
netrom
nfc NFC: Remove commented out LLCP related Makefile line 2013-05-21 10:47:41 +02:00
openvswitch
packet packet: tpacket_v3: do not trigger bug() on wrong header status 2013-05-03 16:10:33 -04:00
phonet
rds
rfkill
rose
rxrpc
sched
sctp
sunrpc Merge branch 'for-3.10' of git://linux-nfs.org/~bfields/linux 2013-05-10 09:28:55 -07:00
tipc tipc: potential divide by zero in tipc_link_recv_fragment() 2013-05-06 16:16:52 -04:00
unix
vmw_vsock
wimax
wireless cfg80211: fix reporting 64-bit station info tx bytes 2013-05-23 22:08:18 +02:00
x25
xfrm xfrm: force a garbage collection after deleting a policy 2013-05-31 17:30:07 -07:00
compat.c
Kconfig
Makefile
nonet.c
socket.c net: Block MSG_CMSG_COMPAT in send(m)msg and recv(m)msg 2013-05-28 23:55:41 -07:00
sysctl_net.c