[3/9] [IPSEC]: Fix __xfrm_find_acq_byseq()

From: Chris Wright
Date: Wed Mar 16 2005 - 19:03:14 EST

Next message: Chris Wright: "[7/9] Timercode race in AX.25"
Previous message: Rik van Riel: "Re: [PATCH] Xen/i386 cleanups - AGP bus/phys cleanups"
In reply to: Jeff Garzik: "Re: [2/9] Possible AMD8111e free irq issue"
Next in thread: Chris Wright: "[7/9] Timercode race in AX.25"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-stable review patch. If anyone has any objections, please let us know.

----

From: "David S. Miller" <davem@xxxxxxxxxxxxx>

This function, as it's name implies, is supposed to only
return IPSEC objects which are in the XFRM_STATE_ACQ
("acquire") state. But it returns any object with the
matching sequence number.

This is wrong and confuses IPSEC daemons to no end.

[XFRM]: xfrm_find_acq_byseq should only return XFRM_STATE_ACQ states.

Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
Signed-off-by: Chris Wright <chrisw@xxxxxxxx>

diff -Nru a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
--- a/net/xfrm/xfrm_state.c 2005-03-16 14:27:04 -08:00
+++ b/net/xfrm/xfrm_state.c 2005-03-16 14:27:04 -08:00
@@ -609,7 +609,7 @@

for (i = 0; i < XFRM_DST_HSIZE; i++) {
list_for_each_entry(x, xfrm_state_bydst+i, bydst) {
- if (x->km.seq == seq) {
+ if (x->km.seq == seq && x->km.state == XFRM_STATE_ACQ) {
xfrm_state_hold(x);
return x;
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Wright: "[7/9] Timercode race in AX.25"
Previous message: Rik van Riel: "Re: [PATCH] Xen/i386 cleanups - AGP bus/phys cleanups"
In reply to: Jeff Garzik: "Re: [2/9] Possible AMD8111e free irq issue"
Next in thread: Chris Wright: "[7/9] Timercode race in AX.25"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]