git.openpandora.org
/
pandora-kernel.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Pull asus into release branch
[pandora-kernel.git]
/
net
/
xfrm
/
xfrm_user.c
diff --git
a/net/xfrm/xfrm_user.c
b/net/xfrm/xfrm_user.c
index
2567453
..
816e369
100644
(file)
--- a/
net/xfrm/xfrm_user.c
+++ b/
net/xfrm/xfrm_user.c
@@
-272,9
+272,8
@@
static int attach_encap_tmpl(struct xfrm_encap_tmpl **encapp, struct rtattr *u_a
}
}
-static inline int xfrm_user_sec_ctx_size(struct xfrm_
policy *xp
)
+static inline int xfrm_user_sec_ctx_size(struct xfrm_
sec_ctx *xfrm_ctx
)
{
{
- struct xfrm_sec_ctx *xfrm_ctx = xp->security;
int len = 0;
if (xfrm_ctx) {
int len = 0;
if (xfrm_ctx) {
@@
-530,9
+529,6
@@
static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
err = xfrm_state_delete(x);
err = xfrm_state_delete(x);
- xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
- AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);
-
if (err < 0)
goto out;
if (err < 0)
goto out;
@@
-542,6
+538,8
@@
static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
km_state_notify(x, &c);
out:
km_state_notify(x, &c);
out:
+ xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
+ AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);
xfrm_state_put(x);
return err;
}
xfrm_state_put(x);
return err;
}
@@
-1254,7
+1252,7
@@
static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
return err;
if (p->index)
return err;
if (p->index)
- xp = xfrm_policy_byid(type, p->dir, p->index, delete);
+ xp = xfrm_policy_byid(type, p->dir, p->index, delete
, &err
);
else {
struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1];
struct xfrm_policy tmp;
else {
struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1];
struct xfrm_policy tmp;
@@
-1270,7
+1268,8
@@
static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
if ((err = security_xfrm_policy_alloc(&tmp, uctx)))
return err;
}
if ((err = security_xfrm_policy_alloc(&tmp, uctx)))
return err;
}
- xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security, delete);
+ xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security,
+ delete, &err);
security_xfrm_policy_free(&tmp);
}
if (xp == NULL)
security_xfrm_policy_free(&tmp);
}
if (xp == NULL)
@@
-1288,8
+1287,6
@@
static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
MSG_DONTWAIT);
}
} else {
MSG_DONTWAIT);
}
} else {
- err = security_xfrm_policy_delete(xp);
-
xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
AUDIT_MAC_IPSEC_DELSPD, err ? 0 : 1, xp, NULL);
xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
AUDIT_MAC_IPSEC_DELSPD, err ? 0 : 1, xp, NULL);
@@
-1303,9
+1300,8
@@
static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
km_policy_notify(xp, p->dir, &c);
}
km_policy_notify(xp, p->dir, &c);
}
- xfrm_pol_put(xp);
-
out:
out:
+ xfrm_pol_put(xp);
return err;
}
return err;
}
@@
-1401,7
+1397,7
@@
static int xfrm_get_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
x = xfrm_state_lookup(&id->daddr, id->spi, id->proto, id->family);
if (x == NULL) {
x = xfrm_state_lookup(&id->daddr, id->spi, id->proto, id->family);
if (x == NULL) {
- kfree(r_skb);
+ kfree
_skb
(r_skb);
return -ESRCH;
}
return -ESRCH;
}
@@
-1502,7
+1498,7
@@
static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
return err;
if (p->index)
return err;
if (p->index)
- xp = xfrm_policy_byid(type, p->dir, p->index, 0);
+ xp = xfrm_policy_byid(type, p->dir, p->index, 0
, &err
);
else {
struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1];
struct xfrm_policy tmp;
else {
struct rtattr *rt = xfrma[XFRMA_SEC_CTX-1];
struct xfrm_policy tmp;
@@
-1518,13
+1514,14
@@
static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
if ((err = security_xfrm_policy_alloc(&tmp, uctx)))
return err;
}
if ((err = security_xfrm_policy_alloc(&tmp, uctx)))
return err;
}
- xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security, 0);
+ xp = xfrm_policy_bysel_ctx(type, p->dir, &p->sel, tmp.security,
+ 0, &err);
security_xfrm_policy_free(&tmp);
}
if (xp == NULL)
security_xfrm_policy_free(&tmp);
}
if (xp == NULL)
- return
err
;
-
read_lock(&xp->lock);
+ return
-ENOENT
;
+ read_lock(&xp->lock);
if (xp->dead) {
read_unlock(&xp->lock);
goto out;
if (xp->dead) {
read_unlock(&xp->lock);
goto out;
@@
-1557,14
+1554,13
@@
static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
struct xfrm_usersa_info *p = &ue->state;
x = xfrm_state_lookup(&p->id.daddr, p->id.spi, p->id.proto, p->family);
struct xfrm_usersa_info *p = &ue->state;
x = xfrm_state_lookup(&p->id.daddr, p->id.spi, p->id.proto, p->family);
- err = -ENOENT;
+ err = -ENOENT;
if (x == NULL)
return err;
if (x == NULL)
return err;
- err = -EINVAL;
-
spin_lock_bh(&x->lock);
spin_lock_bh(&x->lock);
+ err = -EINVAL;
if (x->km.state != XFRM_STATE_VALID)
goto out;
km_state_expired(x, ue->hard, current->pid);
if (x->km.state != XFRM_STATE_VALID)
goto out;
km_state_expired(x, ue->hard, current->pid);
@@
-1574,6
+1570,7
@@
static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
AUDIT_MAC_IPSEC_DELSA, 1, NULL, x);
}
xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
AUDIT_MAC_IPSEC_DELSA, 1, NULL, x);
}
+ err = 0;
out:
spin_unlock_bh(&x->lock);
xfrm_state_put(x);
out:
spin_unlock_bh(&x->lock);
xfrm_state_put(x);
@@
-2027,7
+2024,7
@@
nlmsg_failure:
return -1;
}
return -1;
}
-static in
t inline
xfrm_sa_len(struct xfrm_state *x)
+static in
line int
xfrm_sa_len(struct xfrm_state *x)
{
int l = 0;
if (x->aalg)
{
int l = 0;
if (x->aalg)
@@
-2172,7
+2169,7
@@
static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt,
len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr);
len += NLMSG_SPACE(sizeof(struct xfrm_user_acquire));
len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr);
len += NLMSG_SPACE(sizeof(struct xfrm_user_acquire));
- len += RTA_SPACE(xfrm_user_sec_ctx_size(x
p
));
+ len += RTA_SPACE(xfrm_user_sec_ctx_size(x
->security
));
#ifdef CONFIG_XFRM_SUB_POLICY
len += RTA_SPACE(sizeof(struct xfrm_userpolicy_type));
#endif
#ifdef CONFIG_XFRM_SUB_POLICY
len += RTA_SPACE(sizeof(struct xfrm_userpolicy_type));
#endif
@@
-2282,7
+2279,7
@@
static int xfrm_exp_policy_notify(struct xfrm_policy *xp, int dir, struct km_eve
len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr);
len += NLMSG_SPACE(sizeof(struct xfrm_user_polexpire));
len = RTA_SPACE(sizeof(struct xfrm_user_tmpl) * xp->xfrm_nr);
len += NLMSG_SPACE(sizeof(struct xfrm_user_polexpire));
- len += RTA_SPACE(xfrm_user_sec_ctx_size(xp));
+ len += RTA_SPACE(xfrm_user_sec_ctx_size(xp
->security
));
#ifdef CONFIG_XFRM_SUB_POLICY
len += RTA_SPACE(sizeof(struct xfrm_userpolicy_type));
#endif
#ifdef CONFIG_XFRM_SUB_POLICY
len += RTA_SPACE(sizeof(struct xfrm_userpolicy_type));
#endif