summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2018-12-20 17:21:47 +0100
committerDavid S. Miller <davem@davemloft.net>2018-12-20 17:21:47 +0100
commitac68a3d3c3eba61c693d63a89223e1df8fe1f0c6 (patch)
treea22c1d9403987da5517b888dfa1906bced8de07e
parentneighbor: Use nda_policy for validating attributes in adds and dump requests (diff)
parentxfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi (diff)
downloadlinux-ac68a3d3c3eba61c693d63a89223e1df8fe1f0c6.tar.xz
linux-ac68a3d3c3eba61c693d63a89223e1df8fe1f0c6.zip
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says: ==================== pull request (net-next): ipsec-next 2018-12-20 Two last patches for this release cycle: 1) Remove an unused variable in xfrm_policy_lookup_bytype(). From YueHaibing. 2) Fix possible infinite loop in __xfrm6_tunnel_alloc_spi(). Also from YueHaibing. Please pull or let me know if there are problems. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv6/xfrm6_tunnel.c3
-rw-r--r--net/xfrm/xfrm_policy.c3
2 files changed, 3 insertions, 3 deletions
diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c
index 4a46df8441c9..f5b4febeaa25 100644
--- a/net/ipv6/xfrm6_tunnel.c
+++ b/net/ipv6/xfrm6_tunnel.c
@@ -144,6 +144,9 @@ static u32 __xfrm6_tunnel_alloc_spi(struct net *net, xfrm_address_t *saddr)
index = __xfrm6_tunnel_spi_check(net, spi);
if (index >= 0)
goto alloc_spi;
+
+ if (spi == XFRM6_TUNNEL_SPI_MAX)
+ break;
}
for (spi = XFRM6_TUNNEL_SPI_MIN; spi < xfrm6_tn->spi; spi++) {
index = __xfrm6_tunnel_spi_check(net, spi);
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index d6acba07bdc9..934492bad8e0 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -2076,7 +2076,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type,
struct xfrm_policy *pol, *ret;
struct hlist_head *chain;
unsigned int sequence;
- u32 priority;
int err;
daddr = xfrm_flowi_daddr(fl, family);
@@ -2091,7 +2090,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type,
chain = policy_hash_direct(net, daddr, saddr, family, dir);
} while (read_seqcount_retry(&xfrm_policy_hash_generation, sequence));
- priority = ~0U;
ret = NULL;
hlist_for_each_entry_rcu(pol, chain, bydst) {
err = xfrm_policy_match(pol, fl, type, family, dir, if_id);
@@ -2104,7 +2102,6 @@ static struct xfrm_policy *xfrm_policy_lookup_bytype(struct net *net, u8 type,
}
} else {
ret = pol;
- priority = ret->priority;
break;
}
}