5 files changed, 22 insertions, 26 deletions

diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index ab4ef72f0b1d..debe733386f8 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -802,17 +802,4 @@ int xfrm_count_pfkey_enc_supported(void)
 }
 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_enc_supported);
 
-#if defined(CONFIG_INET_ESP) || defined(CONFIG_INET_ESP_MODULE) || defined(CONFIG_INET6_ESP) || defined(CONFIG_INET6_ESP_MODULE)
-
-void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len)
-{
-        if (tail != skb) {
-                skb->data_len += len;
-                skb->len += len;
-        }
-        return skb_put(tail, len);
-}
-EXPORT_SYMBOL_GPL(pskb_put);
-#endif
-
 MODULE_LICENSE("GPL");
diff --git a/net/xfrm/xfrm_hash.h b/net/xfrm/xfrm_hash.h
index 716502ada53b..0622d319e1f2 100644
--- a/net/xfrm/xfrm_hash.h
+++ b/net/xfrm/xfrm_hash.h
@@ -130,7 +130,7 @@ static inline unsigned int __addr_hash(const xfrm_address_t *daddr,
         return h & hmask;
 }
 
-extern struct hlist_head *xfrm_hash_alloc(unsigned int sz);
-extern void xfrm_hash_free(struct hlist_head *n, unsigned int sz);
+struct hlist_head *xfrm_hash_alloc(unsigned int sz);
+void xfrm_hash_free(struct hlist_head *n, unsigned int sz);
 
 #endif /* _XFRM_HASH_H */
diff --git a/net/xfrm/xfrm_ipcomp.c b/net/xfrm/xfrm_ipcomp.c
index 2906d520eea7..ccfdc7115a83 100644
--- a/net/xfrm/xfrm_ipcomp.c
+++ b/net/xfrm/xfrm_ipcomp.c
@@ -141,14 +141,14 @@ static int ipcomp_compress(struct xfrm_state *x, struct sk_buff *skb)
         const int plen = skb->len;
         int dlen = IPCOMP_SCRATCH_SIZE;
         u8 *start = skb->data;
-        const int cpu = get_cpu();
-        u8 *scratch = *per_cpu_ptr(ipcomp_scratches, cpu);
-        struct crypto_comp *tfm = *per_cpu_ptr(ipcd->tfms, cpu);
+        struct crypto_comp *tfm;
+        u8 *scratch;
         int err;
 
         local_bh_disable();
+        scratch = *this_cpu_ptr(ipcomp_scratches);
+        tfm = *this_cpu_ptr(ipcd->tfms);
         err = crypto_comp_compress(tfm, start, plen, scratch, &dlen);
-        local_bh_enable();
         if (err)
                 goto out;
 
@@ -158,13 +158,13 @@ static int ipcomp_compress(struct xfrm_state *x, struct sk_buff *skb)
         }
 
         memcpy(start + sizeof(struct ip_comp_hdr), scratch, dlen);
-        put_cpu();
+        local_bh_enable();
 
         pskb_trim(skb, dlen + sizeof(struct ip_comp_hdr));
         return 0;
 
 out:
-        put_cpu();
+        local_bh_enable();
         return err;
 }
 
@@ -220,8 +220,8 @@ static void ipcomp_free_scratches(void)
 
 static void * __percpu *ipcomp_alloc_scratches(void)
 {
-        int i;
         void * __percpu *scratches;
+        int i;
 
         if (ipcomp_scratch_users++)
                 return ipcomp_scratches;
@@ -233,7 +233,9 @@ static void * __percpu *ipcomp_alloc_scratches(void)
         ipcomp_scratches = scratches;
 
         for_each_possible_cpu(i) {
-                void *scratch = vmalloc(IPCOMP_SCRATCH_SIZE);
+                void *scratch;
+
+                scratch = vmalloc_node(IPCOMP_SCRATCH_SIZE, cpu_to_node(i));
                 if (!scratch)
                         return NULL;
                 *per_cpu_ptr(scratches, i) = scratch;
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 767c74a91db3..0d49945d0b9e 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1844,6 +1844,13 @@ static int xdst_queue_output(struct sk_buff *skb)
         struct xfrm_dst *xdst = (struct xfrm_dst *) dst;
         struct xfrm_policy *pol = xdst->pols[0];
         struct xfrm_policy_queue *pq = &pol->polq;
+        const struct sk_buff *fclone = skb + 1;
+
+        if (unlikely(skb->fclone == SKB_FCLONE_ORIG &&
+                     fclone->fclone == SKB_FCLONE_CLONE)) {
+                kfree_skb(skb);
+                return 0;
+        }
 
         if (pq->hold_queue.qlen > XFRM_MAX_QUEUE_LEN) {
                 kfree_skb(skb);
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index dbf0719df5b0..8ed9d0dd4566 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -468,7 +468,7 @@ expired:
         }
 
         err = __xfrm_state_delete(x);
-        if (!err && x->id.spi)
+        if (!err)
                 km_state_expired(x, 1, 0);
 
         xfrm_audit_state_delete(x, err ? 0 : 1,
@@ -815,7 +815,7 @@ xfrm_state_find(const xfrm_address_t *daddr, const xfrm_address_t *saddr,
                         xfrm_state_look_at(pol, x, fl, encap_family,
                                            &best, &acquire_in_progress, &error);
         }
-        if (best)
+        if (best || acquire_in_progress)
                 goto found;
 
         h_wildcard = xfrm_dst_hash(net, daddr, &saddr_wildcard, tmpl->reqid, encap_family);
@@ -824,7 +824,7 @@ xfrm_state_find(const xfrm_address_t *daddr, const xfrm_address_t *saddr,
                     x->props.reqid == tmpl->reqid &&
                     (mark & x->mark.m) == x->mark.v &&
                     !(x->props.flags & XFRM_STATE_WILDRECV) &&
-                    xfrm_state_addr_check(x, daddr, saddr, encap_family) &&
+                    xfrm_addr_equal(&x->id.daddr, daddr, encap_family) &&
                     tmpl->mode == x->props.mode &&
                     tmpl->id.proto == x->id.proto &&
                     (tmpl->id.spi == x->id.spi || !tmpl->id.spi))