diff options
Diffstat (limited to 'net/xfrm')
| -rw-r--r-- | net/xfrm/xfrm_policy.c | 7 | ||||
| -rw-r--r-- | net/xfrm/xfrm_user.c | 9 |
2 files changed, 4 insertions, 12 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index fffdd34f3baf..695761ff1321 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c | |||
| @@ -1744,7 +1744,7 @@ static struct dst_entry *xfrm_dst_check(struct dst_entry *dst, u32 cookie) | |||
| 1744 | 1744 | ||
| 1745 | static int stale_bundle(struct dst_entry *dst) | 1745 | static int stale_bundle(struct dst_entry *dst) |
| 1746 | { | 1746 | { |
| 1747 | return !xfrm_bundle_ok((struct xfrm_dst *)dst, NULL, AF_UNSPEC, 0); | 1747 | return !xfrm_bundle_ok(NULL, (struct xfrm_dst *)dst, NULL, AF_UNSPEC, 0); |
| 1748 | } | 1748 | } |
| 1749 | 1749 | ||
| 1750 | void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev) | 1750 | void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev) |
| @@ -1866,7 +1866,8 @@ EXPORT_SYMBOL(xfrm_init_pmtu); | |||
| 1866 | * still valid. | 1866 | * still valid. |
| 1867 | */ | 1867 | */ |
| 1868 | 1868 | ||
| 1869 | int xfrm_bundle_ok(struct xfrm_dst *first, struct flowi *fl, int family, int strict) | 1869 | int xfrm_bundle_ok(struct xfrm_policy *pol, struct xfrm_dst *first, |
| 1870 | struct flowi *fl, int family, int strict) | ||
| 1870 | { | 1871 | { |
| 1871 | struct dst_entry *dst = &first->u.dst; | 1872 | struct dst_entry *dst = &first->u.dst; |
| 1872 | struct xfrm_dst *last; | 1873 | struct xfrm_dst *last; |
| @@ -1883,7 +1884,7 @@ int xfrm_bundle_ok(struct xfrm_dst *first, struct flowi *fl, int family, int str | |||
| 1883 | 1884 | ||
| 1884 | if (fl && !xfrm_selector_match(&dst->xfrm->sel, fl, family)) | 1885 | if (fl && !xfrm_selector_match(&dst->xfrm->sel, fl, family)) |
| 1885 | return 0; | 1886 | return 0; |
| 1886 | if (fl && !security_xfrm_flow_state_match(fl, dst->xfrm)) | 1887 | if (fl && !security_xfrm_flow_state_match(fl, dst->xfrm, pol)) |
| 1887 | return 0; | 1888 | return 0; |
| 1888 | if (dst->xfrm->km.state != XFRM_STATE_VALID) | 1889 | if (dst->xfrm->km.state != XFRM_STATE_VALID) |
| 1889 | return 0; | 1890 | return 0; |
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index d54b3a70d5df..2b2e59d8ffbc 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -1992,15 +1992,6 @@ static struct xfrm_policy *xfrm_compile_policy(struct sock *sk, int opt, | |||
| 1992 | xp->type = XFRM_POLICY_TYPE_MAIN; | 1992 | xp->type = XFRM_POLICY_TYPE_MAIN; |
| 1993 | copy_templates(xp, ut, nr); | 1993 | copy_templates(xp, ut, nr); |
| 1994 | 1994 | ||
| 1995 | if (!xp->security) { | ||
| 1996 | int err = security_xfrm_sock_policy_alloc(xp, sk); | ||
| 1997 | if (err) { | ||
| 1998 | kfree(xp); | ||
| 1999 | *dir = err; | ||
| 2000 | return NULL; | ||
| 2001 | } | ||
| 2002 | } | ||
| 2003 | |||
| 2004 | *dir = p->dir; | 1995 | *dir = p->dir; |
| 2005 | 1996 | ||
| 2006 | return xp; | 1997 | return xp; |