• David S. Miller's avatar
    [XFRM]: Add generation count to xfrm_state and xfrm_dst. · 9d4a706d
    David S. Miller authored
    Each xfrm_state inserted gets a new generation counter
    value.  When a bundle is created, the xfrm_dst objects
    get the current generation counter of the xfrm_state
    they will attach to at dst->xfrm.
    
    xfrm_bundle_ok() will return false if it sees an
    xfrm_dst with a generation count different from the
    generation count of the xfrm_state that dst points to.
    
    This provides a facility by which to passively and
    cheaply invalidate cached IPSEC routes during SA
    database changes.
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    9d4a706d
xfrm_state.c 38.6 KB