diff options
author | David S. Miller <davem@davemloft.net> | 2018-12-20 17:21:47 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2018-12-20 17:21:47 +0100 |
commit | ac68a3d3c3eba61c693d63a89223e1df8fe1f0c6 (patch) | |
tree | a22c1d9403987da5517b888dfa1906bced8de07e | |
parent | neighbor: Use nda_policy for validating attributes in adds and dump requests (diff) | |
parent | xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (diff) | |
download | linux-ac68a3d3c3eba61c693d63a89223e1df8fe1f0c6.tar.xz linux-ac68a3d3c3eba61c693d63a89223e1df8fe1f0c6.zip |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says:
====================
pull request (net-next): ipsec-next 2018-12-20
Two last patches for this release cycle:
1) Remove an unused variable in xfrm_policy_lookup_bytype().
From YueHaibing.
2) Fix possible infinite loop in __xfrm6_tunnel_alloc_spi().
Also from YueHaibing.
Please pull or let me know if there are problems.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/ipv6/xfrm6_tunnel.c | 3 | ||||
-rw-r--r-- | net/xfrm/xfrm_policy.c | 3 |
2 files changed, 3 insertions, 3 deletions
diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c index 4a46df8441c9..f5b4febeaa25 100644 --- a/net/ipv6/xfrm6_tunnel.c +++ b/net/ipv6/xfrm6_tunnel.c @@ -144,6 +144,9 @@ static u32 __xfrm6_tunnel_alloc_spi(struct net *net, xfrm_address_t *saddr) index = __xfrm6_tunnel_spi_check(net, spi); if (index >= 0) goto alloc_spi; + + if (spi == XFRM6_TUNNEL_SPI_MAX) + break; } for (spi = XFRM6_TUNNEL_SPI_MIN; spi < xfrm6_tn->spi; spi++) { index = __xfrm6_tunnel_spi_check(net, spi); diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index d6acba07bdc9..934492bad8e0 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -2076,7 +2076,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, struct xfrm_policy *pol, *ret; struct hlist_head *chain; unsigned int sequence; - u32 priority; int err; daddr = xfrm_flowi_daddr(fl, family); @@ -2091,7 +2090,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, chain = policy_hash_direct(net, daddr, saddr, family, dir); } while (read_seqcount_retry(&xfrm_policy_hash_generation, sequence)); - priority = ~0U; ret = NULL; hlist_for_each_entry_rcu(pol, chain, bydst) { err = xfrm_policy_match(pol, fl, type, family, dir, if_id); @@ -2104,7 +2102,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type, } } else { ret = pol; - priority = ret->priority; break; } } |