projects / powerpc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[SCSI] lpfc 8.1.2: Allow turning on internal loop-back mode
[powerpc.git] / net / xfrm / xfrm_state.c
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 479effc..c656cba 100644 (file)
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -10,7 +10,7 @@
  *             Split up af-specific functions
  *     Derek Atkins <derek@ihtfp.com>
  *             Add UDP Encapsulation
- *     
+ *
  */
 
 #include <linux/workqueue.h>
@@ -70,6 +70,7 @@ static void xfrm_state_gc_destroy(struct xfrm_state *x)
                x->type->destructor(x);
                xfrm_put_type(x->type);
        }
+       security_xfrm_state_free(x);
        kfree(x);
 }
 
@@ -219,14 +220,14 @@ static int __xfrm_state_delete(struct xfrm_state *x)
                x->km.state = XFRM_STATE_DEAD;
                spin_lock(&xfrm_state_lock);
                list_del(&x->bydst);
-               atomic_dec(&x->refcnt);
+               __xfrm_state_put(x);
                if (x->id.spi) {
                        list_del(&x->byspi);
-                       atomic_dec(&x->refcnt);
+                       __xfrm_state_put(x);
                }
                spin_unlock(&xfrm_state_lock);
                if (del_timer(&x->timer))
-                       atomic_dec(&x->refcnt);
+                       __xfrm_state_put(x);
 
                /* The number two in this test is the reference
                 * mentioned in the comment below plus the reference
@@ -242,7 +243,7 @@ static int __xfrm_state_delete(struct xfrm_state *x)
                 * The xfrm_state_alloc call gives a reference, and that
                 * is what we are dropping here.
                 */
-               atomic_dec(&x->refcnt);
+               __xfrm_state_put(x);
                err = 0;
        }
 
@@ -343,7 +344,8 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
                              selector.
                         */
                        if (x->km.state == XFRM_STATE_VALID) {
-                               if (!xfrm_selector_match(&x->sel, fl, family))
+                               if (!xfrm_selector_match(&x->sel, fl, family) ||
+                                   !xfrm_sec_ctx_match(pol->security, x->security))
                                        continue;
                                if (!best ||
                                    best->km.dying > x->km.dying ||
@@ -354,7 +356,8 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
                                acquire_in_progress = 1;
                        } else if (x->km.state == XFRM_STATE_ERROR ||
                                   x->km.state == XFRM_STATE_EXPIRED) {
-                               if (xfrm_selector_match(&x->sel, fl, family))
+                               if (xfrm_selector_match(&x->sel, fl, family) &&
+                                   xfrm_sec_ctx_match(pol->security, x->security))
                                        error = -ESRCH;
                        }
                }
DSM-G600 Linux 2.6