[XFRM]: Fix xfrm_state accounting
authorPatrick McHardy <kaber@trash.net>
Tue, 24 Oct 2006 22:34:00 +0000 (15:34 -0700)
committerDavid S. Miller <davem@davemloft.net>
Tue, 24 Oct 2006 22:34:00 +0000 (15:34 -0700)
xfrm_state_num needs to be increased for XFRM_STATE_ACQ states created
by xfrm_state_find() to prevent the counter from going negative when
the state is destroyed.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/xfrm/xfrm_state.c

index 84bbf8474f3eb659fea321cac5629ff1e96a0d48..899de9ed22a678d8b8193f141f0bf24799bc1ab7 100644 (file)
@@ -505,6 +505,14 @@ __xfrm_state_locate(struct xfrm_state *x, int use_spi, int family)
                                                  x->id.proto, family);
 }
 
+static void xfrm_hash_grow_check(int have_hash_collision)
+{
+       if (have_hash_collision &&
+           (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
+           xfrm_state_num > xfrm_state_hmask)
+               schedule_work(&xfrm_hash_work);
+}
+
 struct xfrm_state *
 xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, 
                struct flowi *fl, struct xfrm_tmpl *tmpl,
@@ -598,6 +606,8 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
                        x->lft.hard_add_expires_seconds = XFRM_ACQ_EXPIRES;
                        x->timer.expires = jiffies + XFRM_ACQ_EXPIRES*HZ;
                        add_timer(&x->timer);
+                       xfrm_state_num++;
+                       xfrm_hash_grow_check(x->bydst.next != NULL);
                } else {
                        x->km.state = XFRM_STATE_DEAD;
                        xfrm_state_put(x);
@@ -614,14 +624,6 @@ out:
        return x;
 }
 
-static void xfrm_hash_grow_check(int have_hash_collision)
-{
-       if (have_hash_collision &&
-           (xfrm_state_hmask + 1) < xfrm_state_hashmax &&
-           xfrm_state_num > xfrm_state_hmask)
-               schedule_work(&xfrm_hash_work);
-}
-
 static void __xfrm_state_insert(struct xfrm_state *x)
 {
        unsigned int h;