aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/cipso_ipv4.c39
1 files changed, 10 insertions, 29 deletions
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index 805a78e6ed55..f18e88bc86ec 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -504,22 +504,16 @@ int cipso_v4_doi_add(struct cipso_v4_doi *doi_def)
504 INIT_RCU_HEAD(&doi_def->rcu); 504 INIT_RCU_HEAD(&doi_def->rcu);
505 INIT_LIST_HEAD(&doi_def->dom_list); 505 INIT_LIST_HEAD(&doi_def->dom_list);
506 506
507 rcu_read_lock();
508 if (cipso_v4_doi_search(doi_def->doi) != NULL)
509 goto doi_add_failure_rlock;
510 spin_lock(&cipso_v4_doi_list_lock); 507 spin_lock(&cipso_v4_doi_list_lock);
511 if (cipso_v4_doi_search(doi_def->doi) != NULL) 508 if (cipso_v4_doi_search(doi_def->doi) != NULL)
512 goto doi_add_failure_slock; 509 goto doi_add_failure;
513 list_add_tail_rcu(&doi_def->list, &cipso_v4_doi_list); 510 list_add_tail_rcu(&doi_def->list, &cipso_v4_doi_list);
514 spin_unlock(&cipso_v4_doi_list_lock); 511 spin_unlock(&cipso_v4_doi_list_lock);
515 rcu_read_unlock();
516 512
517 return 0; 513 return 0;
518 514
519doi_add_failure_slock: 515doi_add_failure:
520 spin_unlock(&cipso_v4_doi_list_lock); 516 spin_unlock(&cipso_v4_doi_list_lock);
521doi_add_failure_rlock:
522 rcu_read_unlock();
523 return -EEXIST; 517 return -EEXIST;
524} 518}
525 519
@@ -543,29 +537,23 @@ int cipso_v4_doi_remove(u32 doi,
543 struct cipso_v4_doi *doi_def; 537 struct cipso_v4_doi *doi_def;
544 struct cipso_v4_domhsh_entry *dom_iter; 538 struct cipso_v4_domhsh_entry *dom_iter;
545 539
546 rcu_read_lock(); 540 spin_lock(&cipso_v4_doi_list_lock);
547 if (cipso_v4_doi_search(doi) != NULL) { 541 doi_def = cipso_v4_doi_search(doi);
548 spin_lock(&cipso_v4_doi_list_lock); 542 if (doi_def != NULL) {
549 doi_def = cipso_v4_doi_search(doi);
550 if (doi_def == NULL) {
551 spin_unlock(&cipso_v4_doi_list_lock);
552 rcu_read_unlock();
553 return -ENOENT;
554 }
555 doi_def->valid = 0; 543 doi_def->valid = 0;
556 list_del_rcu(&doi_def->list); 544 list_del_rcu(&doi_def->list);
557 spin_unlock(&cipso_v4_doi_list_lock); 545 spin_unlock(&cipso_v4_doi_list_lock);
546 rcu_read_lock();
558 list_for_each_entry_rcu(dom_iter, &doi_def->dom_list, list) 547 list_for_each_entry_rcu(dom_iter, &doi_def->dom_list, list)
559 if (dom_iter->valid) 548 if (dom_iter->valid)
560 netlbl_domhsh_remove(dom_iter->domain, 549 netlbl_domhsh_remove(dom_iter->domain,
561 audit_info); 550 audit_info);
562 cipso_v4_cache_invalidate();
563 rcu_read_unlock(); 551 rcu_read_unlock();
564 552 cipso_v4_cache_invalidate();
565 call_rcu(&doi_def->rcu, callback); 553 call_rcu(&doi_def->rcu, callback);
566 return 0; 554 return 0;
567 } 555 }
568 rcu_read_unlock(); 556 spin_unlock(&cipso_v4_doi_list_lock);
569 557
570 return -ENOENT; 558 return -ENOENT;
571} 559}
@@ -653,22 +641,19 @@ int cipso_v4_doi_domhsh_add(struct cipso_v4_doi *doi_def, const char *domain)
653 new_dom->valid = 1; 641 new_dom->valid = 1;
654 INIT_RCU_HEAD(&new_dom->rcu); 642 INIT_RCU_HEAD(&new_dom->rcu);
655 643
656 rcu_read_lock();
657 spin_lock(&cipso_v4_doi_list_lock); 644 spin_lock(&cipso_v4_doi_list_lock);
658 list_for_each_entry_rcu(iter, &doi_def->dom_list, list) 645 list_for_each_entry(iter, &doi_def->dom_list, list)
659 if (iter->valid && 646 if (iter->valid &&
660 ((domain != NULL && iter->domain != NULL && 647 ((domain != NULL && iter->domain != NULL &&
661 strcmp(iter->domain, domain) == 0) || 648 strcmp(iter->domain, domain) == 0) ||
662 (domain == NULL && iter->domain == NULL))) { 649 (domain == NULL && iter->domain == NULL))) {
663 spin_unlock(&cipso_v4_doi_list_lock); 650 spin_unlock(&cipso_v4_doi_list_lock);
664 rcu_read_unlock();
665 kfree(new_dom->domain); 651 kfree(new_dom->domain);
666 kfree(new_dom); 652 kfree(new_dom);
667 return -EEXIST; 653 return -EEXIST;
668 } 654 }
669 list_add_tail_rcu(&new_dom->list, &doi_def->dom_list); 655 list_add_tail_rcu(&new_dom->list, &doi_def->dom_list);
670 spin_unlock(&cipso_v4_doi_list_lock); 656 spin_unlock(&cipso_v4_doi_list_lock);
671 rcu_read_unlock();
672 657
673 return 0; 658 return 0;
674} 659}
@@ -689,9 +674,8 @@ int cipso_v4_doi_domhsh_remove(struct cipso_v4_doi *doi_def,
689{ 674{
690 struct cipso_v4_domhsh_entry *iter; 675 struct cipso_v4_domhsh_entry *iter;
691 676
692 rcu_read_lock();
693 spin_lock(&cipso_v4_doi_list_lock); 677 spin_lock(&cipso_v4_doi_list_lock);
694 list_for_each_entry_rcu(iter, &doi_def->dom_list, list) 678 list_for_each_entry(iter, &doi_def->dom_list, list)
695 if (iter->valid && 679 if (iter->valid &&
696 ((domain != NULL && iter->domain != NULL && 680 ((domain != NULL && iter->domain != NULL &&
697 strcmp(iter->domain, domain) == 0) || 681 strcmp(iter->domain, domain) == 0) ||
@@ -699,13 +683,10 @@ int cipso_v4_doi_domhsh_remove(struct cipso_v4_doi *doi_def,
699 iter->valid = 0; 683 iter->valid = 0;
700 list_del_rcu(&iter->list); 684 list_del_rcu(&iter->list);
701 spin_unlock(&cipso_v4_doi_list_lock); 685 spin_unlock(&cipso_v4_doi_list_lock);
702 rcu_read_unlock();
703 call_rcu(&iter->rcu, cipso_v4_doi_domhsh_free); 686 call_rcu(&iter->rcu, cipso_v4_doi_domhsh_free);
704
705 return 0; 687 return 0;
706 } 688 }
707 spin_unlock(&cipso_v4_doi_list_lock); 689 spin_unlock(&cipso_v4_doi_list_lock);
708 rcu_read_unlock();
709 690
710 return -ENOENT; 691 return -ENOENT;
711} 692}