1 files changed, 10 insertions, 5 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 277c1c46fe94..a131f9ff979e 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1488,10 +1488,15 @@ static int validate_tmpl(int nr, struct xfrm_user_tmpl *ut, u16 family)
                if (!ut[i].family)
                        ut[i].family = family;
-                if ((ut[i].mode == XFRM_MODE_TRANSPORT) &&
+                switch (ut[i].mode) {
-                    (ut[i].family != prev_family))
+                case XFRM_MODE_TUNNEL:
-                        return -EINVAL;
+                case XFRM_MODE_BEET:
+                        break;
+                default:
+                        if (ut[i].family != prev_family)
+                                return -EINVAL;
+                        break;
+                }
                if (ut[i].mode >= XFRM_MODE_MAX)
                        return -EINVAL;
@@ -1927,7 +1932,7 @@ static int xfrm_flush_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
        struct xfrm_usersa_flush *p = nlmsg_data(nlh);
        int err;
-        err = xfrm_state_flush(net, p->proto, true);
+        err = xfrm_state_flush(net, p->proto, true, false);
        if (err) {
                if (err == -ESRCH) /* empty table */
                        return 0;

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 277c1c46fe94..a131f9ff979e 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c
@@ -1488,10 +1488,15 @@ static int validate_tmpl(int nr, struct xfrm_user_tmpl *ut, u16 family)
1488	if (!ut[i].family)	1488	if (!ut[i].family)
1489	ut[i].family = family;	1489	ut[i].family = family;
1490		1490
1491	if ((ut[i].mode == XFRM_MODE_TRANSPORT) &&	1491	switch (ut[i].mode) {
1492	(ut[i].family != prev_family))	1492	case XFRM_MODE_TUNNEL:
1493	return -EINVAL;	1493	case XFRM_MODE_BEET:
1494		1494	break;
		1495	default:
		1496	if (ut[i].family != prev_family)
		1497	return -EINVAL;
		1498	break;
		1499	}
1495	if (ut[i].mode >= XFRM_MODE_MAX)	1500	if (ut[i].mode >= XFRM_MODE_MAX)
1496	return -EINVAL;	1501	return -EINVAL;
1497		1502
@@ -1927,7 +1932,7 @@ static int xfrm_flush_sa(struct sk_buff skb, struct nlmsghdr nlh,
1927	struct xfrm_usersa_flush *p = nlmsg_data(nlh);	1932	struct xfrm_usersa_flush *p = nlmsg_data(nlh);
1928	int err;	1933	int err;
1929		1934
1930	err = xfrm_state_flush(net, p->proto, true);	1935	err = xfrm_state_flush(net, p->proto, true, false);
1931	if (err) {	1936	if (err) {
1932	if (err == -ESRCH) /* empty table */	1937	if (err == -ESRCH) /* empty table */
1933	return 0;	1938	return 0;