diff options
| author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-02-12 18:34:17 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-02-12 18:34:17 -0500 |
| commit | 89697f1d715e20fff0361cca79efd5a371623af7 (patch) | |
| tree | d64d279f6805fd3d5fb53f059cbe7ea1ae348592 /net/xfrm/xfrm_user.c | |
| parent | fd19e44f449f7e2e58d42d7bb6813e2292c38fba (diff) | |
| parent | 13fcfbb0675bf87da694f55dec11cada489a205c (diff) | |
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (25 commits)
[XFRM]: Fix OOPSes in xfrm_audit_log().
[TCP]: cleanup of htcp (resend)
[TCP]: Use read mostly for CUBIC parameters.
[NETFILTER]: nf_conntrack_tcp: make sysctl variables static
[NETFILTER]: ip6t_mh: drop piggyback payload packet on MH packets
[NETFILTER]: Fix whitespace errors
[NETFILTER]: Kconfig: improve dependency handling
[NETFILTER]: xt_mac/xt_CLASSIFY: use IPv6 hook names for IPv6 registration
[NETFILTER]: nf_conntrack: change nf_conntrack_l[34]proto_unregister to void
[NETFILTER]: nf_conntrack: properly use RCU for nf_conntrack_destroyed callback
[NETFILTER]: ip_conntrack: properly use RCU for ip_conntrack_destroyed callback
[NETFILTER]: nf_conntrack: fix invalid conntrack statistics RCU assumption
[NETFILTER]: ip_conntrack: fix invalid conntrack statistics RCU assumption
[NETFILTER]: nf_conntrack: properly use RCU API for nf_ct_protos/nf_ct_l3protos arrays
[NETFILTER]: ip_conntrack: properly use RCU API for ip_ct_protos array
[NETFILTER]: nf_nat: properly use RCU API for nf_nat_protos array
[NETFILTER]: ip_nat: properly use RCU API for ip_nat_protos array
[NETFILTER]: nf_log: minor cleanups
[NETFILTER]: nf_log: switch logger registration/unregistration to mutex
[NETFILTER]: nf_log: make nf_log_unregister_pf return void
...
Diffstat (limited to 'net/xfrm/xfrm_user.c')
| -rw-r--r-- | net/xfrm/xfrm_user.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index d55436d00e86..256745321611 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -1273,10 +1273,6 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
| 1273 | xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security, delete); | 1273 | xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security, delete); |
| 1274 | security_xfrm_policy_free(&tmp); | 1274 | security_xfrm_policy_free(&tmp); |
| 1275 | } | 1275 | } |
| 1276 | if (delete) | ||
| 1277 | xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid, | ||
| 1278 | AUDIT_MAC_IPSEC_DELSPD, (xp) ? 1 : 0, xp, NULL); | ||
| 1279 | |||
| 1280 | if (xp == NULL) | 1276 | if (xp == NULL) |
| 1281 | return -ENOENT; | 1277 | return -ENOENT; |
| 1282 | 1278 | ||
| @@ -1292,8 +1288,14 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
| 1292 | MSG_DONTWAIT); | 1288 | MSG_DONTWAIT); |
| 1293 | } | 1289 | } |
| 1294 | } else { | 1290 | } else { |
| 1295 | if ((err = security_xfrm_policy_delete(xp)) != 0) | 1291 | err = security_xfrm_policy_delete(xp); |
| 1292 | |||
| 1293 | xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid, | ||
| 1294 | AUDIT_MAC_IPSEC_DELSPD, err ? 0 : 1, xp, NULL); | ||
| 1295 | |||
| 1296 | if (err != 0) | ||
| 1296 | goto out; | 1297 | goto out; |
| 1298 | |||
| 1297 | c.data.byid = p->index; | 1299 | c.data.byid = p->index; |
| 1298 | c.event = nlh->nlmsg_type; | 1300 | c.event = nlh->nlmsg_type; |
| 1299 | c.seq = nlh->nlmsg_seq; | 1301 | c.seq = nlh->nlmsg_seq; |