From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Mon, 27 Mar 2006 01:37:54 +0000 (-0800)
Subject: [IPSEC]: Fix tunnel error handling in ipcomp6
X-Git-Tag: v2.6.17-rc1~275^2~1
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6abaaaae6d5ed52422c8caf65f3cdbb95579bb58;p=pandora-kernel.git

[IPSEC]: Fix tunnel error handling in ipcomp6

The error handling in ipcomp6_tunnel_create is broken in two ways:

1) If we fail to allocate an SPI (this should never happen in practice
since there are plenty of 32-bit SPI values for us to use), we will
still go ahead and create the SA.

2) When xfrm_init_state fails, we first of all may trigger the BUG_TRAP
in __xfrm_state_destroy because we didn't set the state to DEAD.  More
importantly we end up returning the freed state as if we succeeded!

This patch fixes them both.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

Reading git-diff-tree failed