Skip to content

Commit ac37e25

Browse files
huaibin Wangklassert
huaibin Wang
authored and
klassert
committed
xfrm: release dst_orig in case of error in xfrm_lookup()
dst_orig should be released on error. Function like __xfrm_route_forward() expects that behavior. Since a recent commit, xfrm_lookup() may also be called by xfrm_lookup_route(), which expects the opposite. Let's introduce a new flag (XFRM_LOOKUP_KEEP_DST_REF) to tell what should be done in case of error. Fixes: f92ee61("xfrm: Generate blackhole routes only from route lookup functions") Signed-off-by: huaibin Wang <[email protected]> Signed-off-by: Nicolas Dichtel <[email protected]> Signed-off-by: Steffen Klassert <[email protected]>
1 parent 044a832 commit ac37e25

File tree

2 files changed

+7
-6
lines changed

2 files changed

+7
-6
lines changed

include/net/dst.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -481,6 +481,7 @@ void dst_init(void);
481481
enum {
482482
XFRM_LOOKUP_ICMP = 1 << 0,
483483
XFRM_LOOKUP_QUEUE = 1 << 1,
484+
XFRM_LOOKUP_KEEP_DST_REF = 1 << 2,
484485
};
485486

486487
struct flowi;

net/xfrm/xfrm_policy.c

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -2269,11 +2269,9 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
22692269
* have the xfrm_state's. We need to wait for KM to
22702270
* negotiate new SA's or bail out with error.*/
22712271
if (net->xfrm.sysctl_larval_drop) {
2272-
dst_release(dst);
2273-
xfrm_pols_put(pols, drop_pols);
22742272
XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTNOSTATES);
2275-
2276-
return ERR_PTR(-EREMOTE);
2273+
err = -EREMOTE;
2274+
goto error;
22772275
}
22782276

22792277
err = -EAGAIN;
@@ -2324,7 +2322,8 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
23242322
error:
23252323
dst_release(dst);
23262324
dropdst:
2327-
dst_release(dst_orig);
2325+
if (!(flags & XFRM_LOOKUP_KEEP_DST_REF))
2326+
dst_release(dst_orig);
23282327
xfrm_pols_put(pols, drop_pols);
23292328
return ERR_PTR(err);
23302329
}
@@ -2338,7 +2337,8 @@ struct dst_entry *xfrm_lookup_route(struct net *net, struct dst_entry *dst_orig,
23382337
struct sock *sk, int flags)
23392338
{
23402339
struct dst_entry *dst = xfrm_lookup(net, dst_orig, fl, sk,
2341-
flags | XFRM_LOOKUP_QUEUE);
2340+
flags | XFRM_LOOKUP_QUEUE |
2341+
XFRM_LOOKUP_KEEP_DST_REF);
23422342

23432343
if (IS_ERR(dst) && PTR_ERR(dst) == -EREMOTE)
23442344
return make_blackhole(net, dst_orig->ops->family, dst_orig);

0 commit comments

Comments
 (0)