aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2007-10-09 16:24:07 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-10-10 19:54:59 -0400
commit1ecafede835321ebdc396531245adc37d22366f7 (patch)
tree230419433b8a08b86abf8998da84652c66c3b20e /net/xfrm
parent32f0c4cbe495d121c09ed14d9c84f9e1b9574415 (diff)
[IPSEC]: Remove bogus ref count in xfrm_secpath_reject
Constructs of the form xfrm_state_hold(x); foo(x); xfrm_state_put(x); tend to be broken because foo is either synchronous where this is totally unnecessary or if foo is asynchronous then the reference count is in the wrong spot. In the case of xfrm_secpath_reject, the function is synchronous and therefore we should just kill the reference count. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/xfrm')
-rw-r--r--net/xfrm/xfrm_policy.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 76f172f13f9..af27c193697 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1682,17 +1682,13 @@ static inline int
1682xfrm_secpath_reject(int idx, struct sk_buff *skb, struct flowi *fl) 1682xfrm_secpath_reject(int idx, struct sk_buff *skb, struct flowi *fl)
1683{ 1683{
1684 struct xfrm_state *x; 1684 struct xfrm_state *x;
1685 int err;
1686 1685
1687 if (!skb->sp || idx < 0 || idx >= skb->sp->len) 1686 if (!skb->sp || idx < 0 || idx >= skb->sp->len)
1688 return 0; 1687 return 0;
1689 x = skb->sp->xvec[idx]; 1688 x = skb->sp->xvec[idx];
1690 if (!x->type->reject) 1689 if (!x->type->reject)
1691 return 0; 1690 return 0;
1692 xfrm_state_hold(x); 1691 return x->type->reject(x, skb, fl);
1693 err = x->type->reject(x, skb, fl);
1694 xfrm_state_put(x);
1695 return err;
1696} 1692}
1697 1693
1698/* When skb is transformed back to its "native" form, we have to 1694/* When skb is transformed back to its "native" form, we have to