diff options
author | Florian Westphal <fw@strlen.de> | 2016-11-17 13:21:46 +0100 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2016-11-18 07:00:05 +0100 |
commit | 330e832abda923df06a4ca6d3faac6e9c1b42548 (patch) | |
tree | cbe128eef39cf12faf87898eebd7fdfd54f9a6bc /net | |
parent | vti6: flush x-netns xfrm cache when vti interface is removed (diff) | |
download | linux-330e832abda923df06a4ca6d3faac6e9c1b42548.tar.xz linux-330e832abda923df06a4ca6d3faac6e9c1b42548.zip |
xfrm: unbreak xfrm_sk_policy_lookup
if we succeed grabbing the refcount, then
if (err && !xfrm_pol_hold_rcu)
will evaluate to false so this hits last else branch which then
sets policy to ERR_PTR(0).
Fixes: ae33786f73a7ce ("xfrm: policy: only use rcu in xfrm_sk_policy_lookup")
Reported-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tested-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/xfrm/xfrm_policy.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index fd6986634e6f..5bf7e1bfeac7 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -1268,12 +1268,14 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(const struct sock *sk, int dir, err = security_xfrm_policy_lookup(pol->security, fl->flowi_secid, policy_to_flow_dir(dir)); - if (!err && !xfrm_pol_hold_rcu(pol)) - goto again; - else if (err == -ESRCH) + if (!err) { + if (!xfrm_pol_hold_rcu(pol)) + goto again; + } else if (err == -ESRCH) { pol = NULL; - else + } else { pol = ERR_PTR(err); + } } else pol = NULL; } |