mirror of
https://github.com/torvalds/linux
synced 2024-10-03 18:00:50 +00:00
e901cbc293
validate the re-inserted policies match the lookup node. Policies that fail this test won't be returned in the candidate set. This is enabled by default for now, it should not cause noticeable reinsert slow down. Such reinserts are needed when we have to merge an existing node (e.g. for 10.0.0.0/28 because a overlapping subnet was added (e.g. 10.0.0.0/24), so whenever this happens existing policies have to be placed on the list of the new node. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> |
||
|---|---|---|
| .. | ||
| Kconfig | ||
| Makefile | ||
| xfrm_algo.c | ||
| xfrm_device.c | ||
| xfrm_hash.c | ||
| xfrm_hash.h | ||
| xfrm_input.c | ||
| xfrm_interface.c | ||
| xfrm_ipcomp.c | ||
| xfrm_output.c | ||
| xfrm_policy.c | ||
| xfrm_proc.c | ||
| xfrm_replay.c | ||
| xfrm_state.c | ||
| xfrm_sysctl.c | ||
| xfrm_user.c | ||