Commit e071041b authored by Alexey Dobriyan's avatar Alexey Dobriyan Committed by David S. Miller

netns xfrm: fix "ip xfrm state|policy count" misreport

"ip xfrm state|policy count" report SA/SP count from init_net,
not from netns of caller process.
Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 2ca4231d
...@@ -1367,8 +1367,8 @@ struct xfrmk_spdinfo { ...@@ -1367,8 +1367,8 @@ struct xfrmk_spdinfo {
extern struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 seq); extern struct xfrm_state *xfrm_find_acq_byseq(struct net *net, u32 seq);
extern int xfrm_state_delete(struct xfrm_state *x); extern int xfrm_state_delete(struct xfrm_state *x);
extern int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info); extern int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info);
extern void xfrm_sad_getinfo(struct xfrmk_sadinfo *si); extern void xfrm_sad_getinfo(struct net *net, struct xfrmk_sadinfo *si);
extern void xfrm_spd_getinfo(struct xfrmk_spdinfo *si); extern void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si);
extern int xfrm_replay_check(struct xfrm_state *x, extern int xfrm_replay_check(struct xfrm_state *x,
struct sk_buff *skb, __be32 seq); struct sk_buff *skb, __be32 seq);
extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq); extern void xfrm_replay_advance(struct xfrm_state *x, __be32 seq);
......
...@@ -469,16 +469,16 @@ static inline int xfrm_byidx_should_resize(struct net *net, int total) ...@@ -469,16 +469,16 @@ static inline int xfrm_byidx_should_resize(struct net *net, int total)
return 0; return 0;
} }
void xfrm_spd_getinfo(struct xfrmk_spdinfo *si) void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si)
{ {
read_lock_bh(&xfrm_policy_lock); read_lock_bh(&xfrm_policy_lock);
si->incnt = init_net.xfrm.policy_count[XFRM_POLICY_IN]; si->incnt = net->xfrm.policy_count[XFRM_POLICY_IN];
si->outcnt = init_net.xfrm.policy_count[XFRM_POLICY_OUT]; si->outcnt = net->xfrm.policy_count[XFRM_POLICY_OUT];
si->fwdcnt = init_net.xfrm.policy_count[XFRM_POLICY_FWD]; si->fwdcnt = net->xfrm.policy_count[XFRM_POLICY_FWD];
si->inscnt = init_net.xfrm.policy_count[XFRM_POLICY_IN+XFRM_POLICY_MAX]; si->inscnt = net->xfrm.policy_count[XFRM_POLICY_IN+XFRM_POLICY_MAX];
si->outscnt = init_net.xfrm.policy_count[XFRM_POLICY_OUT+XFRM_POLICY_MAX]; si->outscnt = net->xfrm.policy_count[XFRM_POLICY_OUT+XFRM_POLICY_MAX];
si->fwdscnt = init_net.xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX]; si->fwdscnt = net->xfrm.policy_count[XFRM_POLICY_FWD+XFRM_POLICY_MAX];
si->spdhcnt = init_net.xfrm.policy_idx_hmask; si->spdhcnt = net->xfrm.policy_idx_hmask;
si->spdhmcnt = xfrm_policy_hashmax; si->spdhmcnt = xfrm_policy_hashmax;
read_unlock_bh(&xfrm_policy_lock); read_unlock_bh(&xfrm_policy_lock);
} }
......
...@@ -641,11 +641,11 @@ int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info) ...@@ -641,11 +641,11 @@ int xfrm_state_flush(struct net *net, u8 proto, struct xfrm_audit *audit_info)
} }
EXPORT_SYMBOL(xfrm_state_flush); EXPORT_SYMBOL(xfrm_state_flush);
void xfrm_sad_getinfo(struct xfrmk_sadinfo *si) void xfrm_sad_getinfo(struct net *net, struct xfrmk_sadinfo *si)
{ {
spin_lock_bh(&xfrm_state_lock); spin_lock_bh(&xfrm_state_lock);
si->sadcnt = init_net.xfrm.state_num; si->sadcnt = net->xfrm.state_num;
si->sadhcnt = init_net.xfrm.state_hmask; si->sadhcnt = net->xfrm.state_hmask;
si->sadhmcnt = xfrm_state_hashmax; si->sadhmcnt = xfrm_state_hashmax;
spin_unlock_bh(&xfrm_state_lock); spin_unlock_bh(&xfrm_state_lock);
} }
......
...@@ -781,7 +781,8 @@ static inline size_t xfrm_spdinfo_msgsize(void) ...@@ -781,7 +781,8 @@ static inline size_t xfrm_spdinfo_msgsize(void)
+ nla_total_size(sizeof(struct xfrmu_spdhinfo)); + nla_total_size(sizeof(struct xfrmu_spdhinfo));
} }
static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) static int build_spdinfo(struct sk_buff *skb, struct net *net,
u32 pid, u32 seq, u32 flags)
{ {
struct xfrmk_spdinfo si; struct xfrmk_spdinfo si;
struct xfrmu_spdinfo spc; struct xfrmu_spdinfo spc;
...@@ -795,7 +796,7 @@ static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) ...@@ -795,7 +796,7 @@ static int build_spdinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
f = nlmsg_data(nlh); f = nlmsg_data(nlh);
*f = flags; *f = flags;
xfrm_spd_getinfo(&si); xfrm_spd_getinfo(net, &si);
spc.incnt = si.incnt; spc.incnt = si.incnt;
spc.outcnt = si.outcnt; spc.outcnt = si.outcnt;
spc.fwdcnt = si.fwdcnt; spc.fwdcnt = si.fwdcnt;
...@@ -828,7 +829,7 @@ static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh, ...@@ -828,7 +829,7 @@ static int xfrm_get_spdinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
if (r_skb == NULL) if (r_skb == NULL)
return -ENOMEM; return -ENOMEM;
if (build_spdinfo(r_skb, spid, seq, *flags) < 0) if (build_spdinfo(r_skb, net, spid, seq, *flags) < 0)
BUG(); BUG();
return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid); return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid);
...@@ -841,7 +842,8 @@ static inline size_t xfrm_sadinfo_msgsize(void) ...@@ -841,7 +842,8 @@ static inline size_t xfrm_sadinfo_msgsize(void)
+ nla_total_size(4); /* XFRMA_SAD_CNT */ + nla_total_size(4); /* XFRMA_SAD_CNT */
} }
static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) static int build_sadinfo(struct sk_buff *skb, struct net *net,
u32 pid, u32 seq, u32 flags)
{ {
struct xfrmk_sadinfo si; struct xfrmk_sadinfo si;
struct xfrmu_sadhinfo sh; struct xfrmu_sadhinfo sh;
...@@ -854,7 +856,7 @@ static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags) ...@@ -854,7 +856,7 @@ static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
f = nlmsg_data(nlh); f = nlmsg_data(nlh);
*f = flags; *f = flags;
xfrm_sad_getinfo(&si); xfrm_sad_getinfo(net, &si);
sh.sadhmcnt = si.sadhmcnt; sh.sadhmcnt = si.sadhmcnt;
sh.sadhcnt = si.sadhcnt; sh.sadhcnt = si.sadhcnt;
...@@ -882,7 +884,7 @@ static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh, ...@@ -882,7 +884,7 @@ static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
if (r_skb == NULL) if (r_skb == NULL)
return -ENOMEM; return -ENOMEM;
if (build_sadinfo(r_skb, spid, seq, *flags) < 0) if (build_sadinfo(r_skb, net, spid, seq, *flags) < 0)
BUG(); BUG();
return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid); return nlmsg_unicast(net->xfrm.nlsk, r_skb, spid);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment