net: split rt_genid for ipv4 and ipv6 Current net name space has only one genid for both IPv4 and IPv6, it has below drawbacks: - Add/delete an IPv4 address will invalidate all IPv6 routing table entries. - Insert/remove XFRM policy will also invalidate both IPv4/IPv6 routing table entries even when the policy is only applied for one address family. Thus, this patch attempt to split one genid for two to cater for IPv4 and IPv6 separately in a fine granularity. Signed-off-by: Fan Du <fan.du@windriver.com> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: ca4c3fc24e293719fe7410c4e63da9b6bc633b83 [log] [tgz]
author: fan.du <fan.du@windriver.com> Tue Jul 30 08:33:53 2013 +0800
committer: David S. Miller <davem@davemloft.net> Wed Jul 31 14:56:36 2013 -0700
tree: 0461841f3d10b11a26ebe1a0adc99c7b00a489a2
parent: ba361cb3d4c977e2b94b5d97905f66b4d48964de [diff] [blame]
diff --git a/security/selinux/include/xfrm.h b/security/selinux/include/xfrm.h
index 65f67cb..6713f04 100644
--- a/security/selinux/include/xfrm.h
+++ b/security/selinux/include/xfrm.h

@@ -50,8 +50,13 @@
 
 static inline void selinux_xfrm_notify_policyload(void)
 {
+	struct net *net;
+
 	atomic_inc(&flow_cache_genid);
-	rt_genid_bump(&init_net);
+	rtnl_lock();
+	for_each_net(net)
+		rt_genid_bump_all(net);
+	rtnl_unlock();
 }
 #else
 static inline int selinux_xfrm_enabled(void)
commit	ca4c3fc24e293719fe7410c4e63da9b6bc633b83	[log] [tgz]
author	fan.du <fan.du@windriver.com>	Tue Jul 30 08:33:53 2013 +0800
committer	David S. Miller <davem@davemloft.net>	Wed Jul 31 14:56:36 2013 -0700
tree	0461841f3d10b11a26ebe1a0adc99c7b00a489a2
parent	ba361cb3d4c977e2b94b5d97905f66b4d48964de [diff] [blame]