diff options
| author | Florian Westphal <fw@strlen.de> | 2016-11-17 07:21:46 -0500 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2016-11-18 01:00:05 -0500 |
| commit | 330e832abda923df06a4ca6d3faac6e9c1b42548 (patch) | |
| tree | cbe128eef39cf12faf87898eebd7fdfd54f9a6bc /net/xfrm | |
| parent | 7f92083eb58f85ea114d97f65fcbe22be5b0468d (diff) | |
xfrm: unbreak xfrm_sk_policy_lookup
if we succeed grabbing the refcount, then
if (err && !xfrm_pol_hold_rcu)
will evaluate to false so this hits last else branch which then
sets policy to ERR_PTR(0).
Fixes: ae33786f73a7ce ("xfrm: policy: only use rcu in xfrm_sk_policy_lookup")
Reported-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tested-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/xfrm')
| -rw-r--r-- | net/xfrm/xfrm_policy.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index fd6986634e6f..5bf7e1bfeac7 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c | |||
| @@ -1268,12 +1268,14 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(const struct sock *sk, int dir, | |||
| 1268 | err = security_xfrm_policy_lookup(pol->security, | 1268 | err = security_xfrm_policy_lookup(pol->security, |
| 1269 | fl->flowi_secid, | 1269 | fl->flowi_secid, |
| 1270 | policy_to_flow_dir(dir)); | 1270 | policy_to_flow_dir(dir)); |
| 1271 | if (!err && !xfrm_pol_hold_rcu(pol)) | 1271 | if (!err) { |
| 1272 | goto again; | 1272 | if (!xfrm_pol_hold_rcu(pol)) |
| 1273 | else if (err == -ESRCH) | 1273 | goto again; |
| 1274 | } else if (err == -ESRCH) { | ||
| 1274 | pol = NULL; | 1275 | pol = NULL; |
| 1275 | else | 1276 | } else { |
| 1276 | pol = ERR_PTR(err); | 1277 | pol = ERR_PTR(err); |
| 1278 | } | ||
| 1277 | } else | 1279 | } else |
| 1278 | pol = NULL; | 1280 | pol = NULL; |
| 1279 | } | 1281 | } |