diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/8021q/vlan.c | 2 | ||||
| -rw-r--r-- | net/ax25/ax25_subr.c | 2 | ||||
| -rw-r--r-- | net/bridge/br_device.c | 3 | ||||
| -rw-r--r-- | net/core/dev.c | 6 | ||||
| -rw-r--r-- | net/ipv4/devinet.c | 3 | ||||
| -rw-r--r-- | net/ipv4/esp4.c | 5 | ||||
| -rw-r--r-- | net/ipv4/ipconfig.c | 20 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 57 | ||||
| -rw-r--r-- | net/ipv4/tcp_input.c | 2 | ||||
| -rw-r--r-- | net/ipv6/esp6.c | 6 | ||||
| -rw-r--r-- | net/ipv6/ipv6_sockglue.c | 12 | ||||
| -rw-r--r-- | net/ipv6/xfrm6_policy.c | 2 | ||||
| -rw-r--r-- | net/irda/irlmp.c | 1 | ||||
| -rw-r--r-- | net/irda/parameters.c | 6 | ||||
| -rw-r--r-- | net/mac80211/ieee80211_rate.c | 1 | ||||
| -rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 4 | ||||
| -rw-r--r-- | net/netfilter/x_tables.c | 8 | ||||
| -rw-r--r-- | net/netfilter/xt_hashlimit.c | 2 | ||||
| -rw-r--r-- | net/sctp/ulpqueue.c | 33 | ||||
| -rw-r--r-- | net/sunrpc/xprtrdma/rpc_rdma.c | 9 | ||||
| -rw-r--r-- | net/tipc/socket.c | 2 | ||||
| -rw-r--r-- | net/xfrm/xfrm_policy.c | 9 | ||||
| -rw-r--r-- | net/xfrm/xfrm_state.c | 10 |
23 files changed, 100 insertions, 105 deletions
diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index 5b183156307a..4add9bd4bc8d 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c @@ -124,8 +124,8 @@ static void __exit vlan_cleanup_module(void) { int i; - vlan_netlink_fini(); vlan_ioctl_set(NULL); + vlan_netlink_fini(); /* Un-register us from receiving netdevice events */ unregister_netdevice_notifier(&vlan_notifier_block); diff --git a/net/ax25/ax25_subr.c b/net/ax25/ax25_subr.c index 5fe9b2a6697d..d8f215733175 100644 --- a/net/ax25/ax25_subr.c +++ b/net/ax25/ax25_subr.c @@ -279,6 +279,7 @@ void ax25_disconnect(ax25_cb *ax25, int reason) ax25_link_failed(ax25, reason); if (ax25->sk != NULL) { + local_bh_disable(); bh_lock_sock(ax25->sk); ax25->sk->sk_state = TCP_CLOSE; ax25->sk->sk_err = reason; @@ -288,5 +289,6 @@ void ax25_disconnect(ax25_cb *ax25, int reason) sock_set_flag(ax25->sk, SOCK_DEAD); } bh_unlock_sock(ax25->sk); + local_bh_enable(); } } diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c index c07bac5e3e10..bf7787395fe0 100644 --- a/net/bridge/br_device.c +++ b/net/bridge/br_device.c @@ -157,8 +157,7 @@ static struct ethtool_ops br_ethtool_ops = { void br_dev_setup(struct net_device *dev) { - memset(dev->dev_addr, 0, ETH_ALEN); - + random_ether_addr(dev->dev_addr); ether_setup(dev); dev->do_ioctl = br_dev_ioctl; diff --git a/net/core/dev.c b/net/core/dev.c index 86d62611f2fc..26a3a3a15be0 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -3972,8 +3972,7 @@ void synchronize_net(void) * @dev: device * * This function shuts down a device interface and removes it - * from the kernel tables. On success 0 is returned, on a failure - * a negative errno code is returned. + * from the kernel tables. * * Callers must hold the rtnl semaphore. You may want * unregister_netdev() instead of this. @@ -3991,8 +3990,7 @@ void unregister_netdevice(struct net_device *dev) * @dev: device * * This function shuts down a device interface and removes it - * from the kernel tables. On success 0 is returned, on a failure - * a negative errno code is returned. + * from the kernel tables. * * This is just a wrapper for unregister_netdevice that takes * the rtnl semaphore. In general you want to use this and not diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index 55d199e4ae21..3168c3de4919 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -516,8 +516,6 @@ static struct in_ifaddr *rtm_to_ifaddr(struct nlmsghdr *nlh) goto errout; } - ipv4_devconf_setall(in_dev); - ifa = inet_alloc_ifa(); if (ifa == NULL) { /* @@ -528,6 +526,7 @@ static struct in_ifaddr *rtm_to_ifaddr(struct nlmsghdr *nlh) goto errout; } + ipv4_devconf_setall(in_dev); in_dev_hold(in_dev); if (tb[IFA_ADDRESS] == NULL) diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index c31bccb9b526..1738113268bc 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -9,6 +9,7 @@ #include <linux/pfkeyv2.h> #include <linux/random.h> #include <linux/spinlock.h> +#include <linux/in6.h> #include <net/icmp.h> #include <net/protocol.h> #include <net/udp.h> @@ -224,6 +225,10 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb) /* ... check padding bits here. Silly. :-) */ + /* RFC4303: Drop dummy packets without any error */ + if (nexthdr[1] == IPPROTO_NONE) + goto out; + iph = ip_hdr(skb); ihl = iph->ihl * 4; diff --git a/net/ipv4/ipconfig.c b/net/ipv4/ipconfig.c index c5c107a01823..96400b0bd08a 100644 --- a/net/ipv4/ipconfig.c +++ b/net/ipv4/ipconfig.c @@ -1396,25 +1396,7 @@ late_initcall(ip_auto_config); /* * Decode any IP configuration options in the "ip=" or "nfsaddrs=" kernel - * command line parameter. It consists of option fields separated by colons in - * the following order: - * - * <client-ip>:<server-ip>:<gw-ip>:<netmask>:<host name>:<device>:<PROTO> - * - * Any of the fields can be empty which means to use a default value: - * <client-ip> - address given by BOOTP or RARP - * <server-ip> - address of host returning BOOTP or RARP packet - * <gw-ip> - none, or the address returned by BOOTP - * <netmask> - automatically determined from <client-ip>, or the - * one returned by BOOTP - * <host name> - <client-ip> in ASCII notation, or the name returned - * by BOOTP - * <device> - use all available devices - * <PROTO>: - * off|none - don't do autoconfig at all (DEFAULT) - * on|any - use any configured protocol - * dhcp|bootp|rarp - use only the specified protocol - * both - use both BOOTP and RARP (not DHCP) + * command line parameter. See Documentation/nfsroot.txt. */ static int __init ic_proto_name(char *name) { diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 4b10b98640ac..b9b189c26208 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -1492,8 +1492,10 @@ static inline int compat_copy_match_to_user(struct ipt_entry_match *m, return xt_compat_match_to_user(m, dstptr, size); } -static int compat_copy_entry_to_user(struct ipt_entry *e, - void __user **dstptr, compat_uint_t *size) +static int +compat_copy_entry_to_user(struct ipt_entry *e, void __user **dstptr, + compat_uint_t *size, struct xt_counters *counters, + unsigned int *i) { struct ipt_entry_target *t; struct compat_ipt_entry __user *ce; @@ -1507,6 +1509,9 @@ static int compat_copy_entry_to_user(struct ipt_entry *e, if (copy_to_user(ce, e, sizeof(struct ipt_entry))) goto out; + if (copy_to_user(&ce->counters, &counters[*i], sizeof(counters[*i]))) + goto out; + *dstptr += sizeof(struct compat_ipt_entry); ret = IPT_MATCH_ITERATE(e, compat_copy_match_to_user, dstptr, size); target_offset = e->target_offset - (origsize - *size); @@ -1522,6 +1527,8 @@ static int compat_copy_entry_to_user(struct ipt_entry *e, goto out; if (put_user(next_offset, &ce->next_offset)) goto out; + + (*i)++; return 0; out: return ret; @@ -1937,14 +1944,13 @@ struct compat_ipt_get_entries static int compat_copy_entries_to_user(unsigned int total_size, struct xt_table *table, void __user *userptr) { - unsigned int off, num; - struct compat_ipt_entry e; struct xt_counters *counters; struct xt_table_info *private = table->private; void __user *pos; unsigned int size; int ret = 0; void *loc_cpu_entry; + unsigned int i = 0; counters = alloc_counters(table); if (IS_ERR(counters)) @@ -1958,48 +1964,9 @@ static int compat_copy_entries_to_user(unsigned int total_size, pos = userptr; size = total_size; ret = IPT_ENTRY_ITERATE(loc_cpu_entry, total_size, - compat_copy_entry_to_user, &pos, &size); - if (ret) - goto free_counters; - - /* ... then go back and fix counters and names */ - for (off = 0, num = 0; off < size; off += e.next_offset, num++) { - unsigned int i; - struct ipt_entry_match m; - struct ipt_entry_target t; + compat_copy_entry_to_user, + &pos, &size, counters, &i); - ret = -EFAULT; - if (copy_from_user(&e, userptr + off, - sizeof(struct compat_ipt_entry))) - goto free_counters; - if (copy_to_user(userptr + off + - offsetof(struct compat_ipt_entry, counters), - &counters[num], sizeof(counters[num]))) - goto free_counters; - - for (i = sizeof(struct compat_ipt_entry); - i < e.target_offset; i += m.u.match_size) { - if (copy_from_user(&m, userptr + off + i, - sizeof(struct ipt_entry_match))) - goto free_counters; - if (copy_to_user(userptr + off + i + - offsetof(struct ipt_entry_match, u.user.name), - m.u.kernel.match->name, - strlen(m.u.kernel.match->name) + 1)) - goto free_counters; - } - - if (copy_from_user(&t, userptr + off + e.target_offset, - sizeof(struct ipt_entry_target))) - goto free_counters; - if (copy_to_user(userptr + off + e.target_offset + - offsetof(struct ipt_entry_target, u.user.name), - t.u.kernel.target->name, - strlen(t.u.kernel.target->name) + 1)) - goto free_counters; - } - ret = 0; -free_counters: vfree(counters); return ret; } diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index b9e429d2d1de..889c89362bfc 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -923,7 +923,7 @@ static void tcp_init_metrics(struct sock *sk) } if (dst_metric(dst, RTAX_RTTVAR) > tp->mdev) { tp->mdev = dst_metric(dst, RTAX_RTTVAR); - tp->mdev_max = tp->rttvar = max(tp->mdev, TCP_RTO_MIN); + tp->mdev_max = tp->rttvar = max(tp->mdev, tcp_rto_min(sk)); } tcp_set_rto(sk); tcp_bound_rto(sk); diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index 7db66f10e00d..444053254676 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -230,6 +230,12 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb) } /* ... check padding bits here. Silly. :-) */ + /* RFC4303: Drop dummy packets without any error */ + if (nexthdr[1] == IPPROTO_NONE) { + ret = -EINVAL; + goto out; + } + pskb_trim(skb, skb->len - alen - padlen - 2); ret = nexthdr[1]; } diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index 1334fc174bcf..8c5f80fd03ad 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -1046,7 +1046,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, break; default: - return -EINVAL; + return -ENOPROTOOPT; } len = min_t(unsigned int, sizeof(int), len); if(put_user(len, optlen)) @@ -1069,9 +1069,8 @@ int ipv6_getsockopt(struct sock *sk, int level, int optname, err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); #ifdef CONFIG_NETFILTER - /* we need to exclude all possible EINVALs except default case */ - if (err == -EINVAL && optname != IPV6_ADDRFORM && - optname != MCAST_MSFILTER) { + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { int len; if (get_user(len, optlen)) @@ -1108,9 +1107,8 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname, err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); #ifdef CONFIG_NETFILTER - /* we need to exclude all possible EINVALs except default case */ - if (err == -EINVAL && optname != IPV6_ADDRFORM && - optname != MCAST_MSFILTER) { + /* we need to exclude all possible ENOPROTOOPTs except default case */ + if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) { int len; if (get_user(len, optlen)) diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c index 82e27b80d07d..b8e9eb445d74 100644 --- a/net/ipv6/xfrm6_policy.c +++ b/net/ipv6/xfrm6_policy.c @@ -233,7 +233,7 @@ __xfrm6_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int dst_prev->output = dst_prev->xfrm->outer_mode->afinfo->output; /* Sheit... I remember I did this right. Apparently, * it was magically lost, so this code needs audit */ - x->u.rt6.rt6i_flags = rt0->rt6i_flags&(RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL); + x->u.rt6.rt6i_flags = rt0->rt6i_flags&(RTF_ANYCAST|RTF_LOCAL); x->u.rt6.rt6i_metric = rt0->rt6i_metric; x->u.rt6.rt6i_node = rt0->rt6i_node; x->u.rt6.rt6i_gateway = rt0->rt6i_gateway; diff --git a/net/irda/irlmp.c b/net/irda/irlmp.c index cedff8068fbc..f24cb755908e 100644 --- a/net/irda/irlmp.c +++ b/net/irda/irlmp.c @@ -353,6 +353,7 @@ void irlmp_unregister_link(__u32 saddr) /* Final cleanup */ del_timer(&link->idle_timer); link->magic = 0; + hashbin_delete(link->lsaps, (FREE_FUNC) __irlmp_close_lsap); kfree(link); } } diff --git a/net/irda/parameters.c b/net/irda/parameters.c index 2627dad7cd87..7183e9ef7996 100644 --- a/net/irda/parameters.c +++ b/net/irda/parameters.c @@ -463,7 +463,7 @@ int irda_param_insert(void *self, __u8 pi, __u8 *buf, int len, int n = 0; IRDA_ASSERT(buf != NULL, return ret;); - IRDA_ASSERT(info != 0, return ret;); + IRDA_ASSERT(info != NULL, return ret;); pi_minor = pi & info->pi_mask; pi_major = pi >> info->pi_major_offset; @@ -517,7 +517,7 @@ static int irda_param_extract(void *self, __u8 *buf, int len, int n = 0; IRDA_ASSERT(buf != NULL, return ret;); - IRDA_ASSERT(info != 0, return ret;); + IRDA_ASSERT(info != NULL, return ret;); pi_minor = buf[n] & info->pi_mask; pi_major = buf[n] >> info->pi_major_offset; @@ -570,7 +570,7 @@ int irda_param_extract_all(void *self, __u8 *buf, int len, int n = 0; IRDA_ASSERT(buf != NULL, return ret;); - IRDA_ASSERT(info != 0, return ret;); + IRDA_ASSERT(info != NULL, return ret;); /* * Parse all parameters. Each parameter must be at least two bytes diff --git a/net/mac80211/ieee80211_rate.c b/net/mac80211/ieee80211_rate.c index 7254bd609839..3260a4a0ecc5 100644 --- a/net/mac80211/ieee80211_rate.c +++ b/net/mac80211/ieee80211_rate.c @@ -33,6 +33,7 @@ int ieee80211_rate_control_register(struct rate_control_ops *ops) if (!strcmp(alg->ops->name, ops->name)) { /* don't register an algorithm twice */ WARN_ON(1); + mutex_unlock(&rate_ctrl_mutex); return -EALREADY; } } diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 9be1826e6cdd..7d231243754a 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -1024,8 +1024,10 @@ ctnetlink_create_conntrack(struct nlattr *cda[], } /* setup master conntrack: this is a confirmed expectation */ - if (master_ct) + if (master_ct) { + __set_bit(IPS_EXPECTED_BIT, &ct->status); ct->master = master_ct; + } add_timer(&ct->timeout); nf_conntrack_hash_insert(ct); diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index d9a3bded0d00..b6160e41eb1c 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -377,7 +377,9 @@ int xt_compat_match_to_user(struct xt_entry_match *m, void __user **dstptr, u_int16_t msize = m->u.user.match_size - off; if (copy_to_user(cm, m, sizeof(*cm)) || - put_user(msize, &cm->u.user.match_size)) + put_user(msize, &cm->u.user.match_size) || + copy_to_user(cm->u.user.name, m->u.kernel.match->name, + strlen(m->u.kernel.match->name) + 1)) return -EFAULT; if (match->compat_to_user) { @@ -468,7 +470,9 @@ int xt_compat_target_to_user(struct xt_entry_target *t, void __user **dstptr, u_int16_t tsize = t->u.user.target_size - off; if (copy_to_user(ct, t, sizeof(*ct)) || - put_user(tsize, &ct->u.user.target_size)) + put_user(tsize, &ct->u.user.target_size) || + copy_to_user(ct->u.user.name, t->u.kernel.target->name, + strlen(t->u.kernel.target->name) + 1)) return -EFAULT; if (target->compat_to_user) { diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 19103678bf20..2ef44d8560c1 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c @@ -240,7 +240,7 @@ static bool select_all(const struct xt_hashlimit_htable *ht, static bool select_gc(const struct xt_hashlimit_htable *ht, const struct dsthash_ent *he) { - return jiffies >= he->expires; + return time_after_eq(jiffies, he->expires); } static void htable_selective_cleanup(struct xt_hashlimit_htable *ht, diff --git a/net/sctp/ulpqueue.c b/net/sctp/ulpqueue.c index 4908041ffb31..1733fa29a501 100644 --- a/net/sctp/ulpqueue.c +++ b/net/sctp/ulpqueue.c @@ -53,6 +53,7 @@ static struct sctp_ulpevent * sctp_ulpq_reasm(struct sctp_ulpq *ulpq, struct sctp_ulpevent *); static struct sctp_ulpevent * sctp_ulpq_order(struct sctp_ulpq *, struct sctp_ulpevent *); +static void sctp_ulpq_reasm_drain(struct sctp_ulpq *ulpq); /* 1st Level Abstractions */ @@ -190,6 +191,7 @@ static void sctp_ulpq_set_pd(struct sctp_ulpq *ulpq) static int sctp_ulpq_clear_pd(struct sctp_ulpq *ulpq) { ulpq->pd_mode = 0; + sctp_ulpq_reasm_drain(ulpq); return sctp_clear_pd(ulpq->asoc->base.sk, ulpq->asoc); } @@ -699,6 +701,37 @@ void sctp_ulpq_reasm_flushtsn(struct sctp_ulpq *ulpq, __u32 fwd_tsn) } } +/* + * Drain the reassembly queue. If we just cleared parted delivery, it + * is possible that the reassembly queue will contain already reassembled + * messages. Retrieve any such messages and give them to the user. + */ +static void sctp_ulpq_reasm_drain(struct sctp_ulpq *ulpq) +{ + struct sctp_ulpevent *event = NULL; + struct sk_buff_head temp; + + if (skb_queue_empty(&ulpq->reasm)) + return; + + while ((event = sctp_ulpq_retrieve_reassembled(ulpq)) != NULL) { + /* Do ordering if needed. */ + if ((event) && (event->msg_flags & MSG_EOR)){ + skb_queue_head_init(&temp); + __skb_queue_tail(&temp, sctp_event2skb(event)); + + event = sctp_ulpq_order(ulpq, event); + } + + /* Send event to the ULP. 'event' is the + * sctp_ulpevent for very first SKB on the temp' list. + */ + if (event) + sctp_ulpq_tail_event(ulpq, event); + } +} + + /* Helper function to gather skbs that have possibly become * ordered by an an incoming chunk. */ diff --git a/net/sunrpc/xprtrdma/rpc_rdma.c b/net/sunrpc/xprtrdma/rpc_rdma.c index 9e11ce715958..ee8de7af2a5b 100644 --- a/net/sunrpc/xprtrdma/rpc_rdma.c +++ b/net/sunrpc/xprtrdma/rpc_rdma.c @@ -92,7 +92,6 @@ rpcrdma_convert_iovs(struct xdr_buf *xdrbuf, int pos, seg[n].mr_page = NULL; seg[n].mr_offset = xdrbuf->head[0].iov_base; seg[n].mr_len = xdrbuf->head[0].iov_len; - pos += xdrbuf->head[0].iov_len; ++n; } @@ -104,7 +103,6 @@ rpcrdma_convert_iovs(struct xdr_buf *xdrbuf, int pos, seg[n].mr_len = min_t(u32, PAGE_SIZE - xdrbuf->page_base, xdrbuf->page_len); len = xdrbuf->page_len - seg[n].mr_len; - pos += len; ++n; p = 1; while (len > 0) { @@ -119,20 +117,15 @@ rpcrdma_convert_iovs(struct xdr_buf *xdrbuf, int pos, } } - if (pos < xdrbuf->len && xdrbuf->tail[0].iov_len) { + if (xdrbuf->tail[0].iov_len) { if (n == nsegs) return 0; seg[n].mr_page = NULL; seg[n].mr_offset = xdrbuf->tail[0].iov_base; seg[n].mr_len = xdrbuf->tail[0].iov_len; - pos += xdrbuf->tail[0].iov_len; ++n; } - if (pos < xdrbuf->len) - dprintk("RPC: %s: marshaled only %d of %d\n", - __func__, pos, xdrbuf->len); - return n; } diff --git a/net/tipc/socket.c b/net/tipc/socket.c index 6b792265dc06..24ddfd2ca38b 100644 --- a/net/tipc/socket.c +++ b/net/tipc/socket.c @@ -253,7 +253,7 @@ static int release(struct socket *sock) dbg("sock_delete: %x\n",tsock); if (!tsock) return 0; - down_interruptible(&tsock->sem); + down(&tsock->sem); if (!sock->sk) { up(&tsock->sem); return 0; diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 9a4cf2e45a15..b91b16671c1e 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -1318,8 +1318,9 @@ restart: if (sk && sk->sk_policy[XFRM_POLICY_OUT]) { policy = xfrm_sk_policy_lookup(sk, XFRM_POLICY_OUT, fl); + err = PTR_ERR(policy); if (IS_ERR(policy)) - return PTR_ERR(policy); + goto dropdst; } if (!policy) { @@ -1330,8 +1331,9 @@ restart: policy = flow_cache_lookup(fl, dst_orig->ops->family, dir, xfrm_policy_lookup); + err = PTR_ERR(policy); if (IS_ERR(policy)) - return PTR_ERR(policy); + goto dropdst; } if (!policy) @@ -1501,8 +1503,9 @@ restart: return 0; error: - dst_release(dst_orig); xfrm_pols_put(pols, npols); +dropdst: + dst_release(dst_orig); *dst_p = NULL; return err; } diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index cf43c49eab37..1af522bf12ca 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -2028,6 +2028,7 @@ void xfrm_audit_state_add(struct xfrm_state *x, int result, u32 auid, u32 sid) { struct audit_buffer *audit_buf; + u32 spi; extern int audit_enabled; if (audit_enabled == 0) @@ -2037,8 +2038,8 @@ xfrm_audit_state_add(struct xfrm_state *x, int result, u32 auid, u32 sid) return; audit_log_format(audit_buf, " op=SAD-add res=%u",result); xfrm_audit_common_stateinfo(x, audit_buf); - audit_log_format(audit_buf, " spi=%lu(0x%lx)", - (unsigned long)x->id.spi, (unsigned long)x->id.spi); + spi = ntohl(x->id.spi); + audit_log_format(audit_buf, " spi=%u(0x%x)", spi, spi); audit_log_end(audit_buf); } EXPORT_SYMBOL_GPL(xfrm_audit_state_add); @@ -2047,6 +2048,7 @@ void xfrm_audit_state_delete(struct xfrm_state *x, int result, u32 auid, u32 sid) { struct audit_buffer *audit_buf; + u32 spi; extern int audit_enabled; if (audit_enabled == 0) @@ -2056,8 +2058,8 @@ xfrm_audit_state_delete(struct xfrm_state *x, int result, u32 auid, u32 sid) return; audit_log_format(audit_buf, " op=SAD-delete res=%u",result); xfrm_audit_common_stateinfo(x, audit_buf); - audit_log_format(audit_buf, " spi=%lu(0x%lx)", - (unsigned long)x->id.spi, (unsigned long)x->id.spi); + spi = ntohl(x->id.spi); + audit_log_format(audit_buf, " spi=%u(0x%x)", spi, spi); audit_log_end(audit_buf); } EXPORT_SYMBOL_GPL(xfrm_audit_state_delete); |