diff options
| author |   David S. Miller <davem@davemloft.net> | 2017-12-29 15:14:27 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-12-29 15:42:26 -0500 |
| commit | 6bb8824732f69de0f233ae6b1a8158e149627b38 (patch) | |
| tree | 78642311a28f42df9042da41eb98652c39d51327 /net/xfrm/xfrm_policy.c | |
| parent | Merge tag 'mlx5-shared-4.16-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mellanox/linux (diff) | |
| parent | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net (diff) | |
| download | linux-dev-6bb8824732f69de0f233ae6b1a8158e149627b38.tar.xz linux-dev-6bb8824732f69de0f233ae6b1a8158e149627b38.zip | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
net/ipv6/ip6_gre.c is a case of parallel adds.
include/trace/events/tcp.h is a little bit more tricky. The removal
of in-trace-macro ifdefs in 'net' paralleled with moving
show_tcp_state_name and friends over to include/trace/events/sock.h
in 'net-next'.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/xfrm/xfrm_policy.c')
| -rw-r--r-- | net/xfrm/xfrm_policy.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index e3a5aca9cdda..d8a8129b9232 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -1168,9 +1168,15 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(const struct sock *sk, int dir, again: pol = rcu_dereference(sk->sk_policy[dir]); if (pol != NULL) { - bool match = xfrm_selector_match(&pol->selector, fl, family); + bool match; int err = 0; + if (pol->family != family) { + pol = NULL; + goto out; + } + + match = xfrm_selector_match(&pol->selector, fl, family); if (match) { if ((sk->sk_mark & pol->mark.m) != pol->mark.v) { pol = NULL; @@ -1835,6 +1841,7 @@ xfrm_resolve_and_create_bundle(struct xfrm_policy **pols, int num_pols, sizeof(struct xfrm_policy *) * num_pols) == 0 && xfrm_xdst_can_reuse(xdst, xfrm, err)) { dst_hold(&xdst->u.dst); + xfrm_pols_put(pols, num_pols); while (err > 0) xfrm_state_put(xfrm[--err]); return xdst; |