Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec (6a787d6f) · Commits · e / devices / android_kernel_fairphone_FP5

net/xfrm/xfrm_policy.c

+19 −11

Original line number	Diff line number	Diff line
		@@ -1305,6 +1305,7 @@ static struct xfrm_policy clone_policy(const struct xfrm_policy old, int dir)
		newp->xfrm_nr = old->xfrm_nr;
		newp->index = old->index;
		newp->type = old->type;
		newp->family = old->family;
		memcpy(newp->xfrm_vec, old->xfrm_vec,
		newp->xfrm_nr*sizeof(struct xfrm_tmpl));
		spin_lock_bh(&net->xfrm.xfrm_policy_lock);
		@@ -1360,14 +1361,18 @@ xfrm_tmpl_resolve_one(struct xfrm_policy policy, const struct flowi fl,
		struct net *net = xp_net(policy);
		int nx;
		int i, error;
		xfrm_address_t *daddr = xfrm_flowi_daddr(fl, family);
		xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family);
		xfrm_address_t tmp;

		for (nx = 0, i = 0; i < policy->xfrm_nr; i++) {
		struct xfrm_state *x;
		xfrm_address_t *local;
		xfrm_address_t *remote;
		xfrm_address_t *remote = daddr;
		xfrm_address_t *local = saddr;
		struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i];

		if (tmpl->mode == XFRM_MODE_TUNNEL \|\|
		tmpl->mode == XFRM_MODE_BEET) {
		remote = &tmpl->id.daddr;
		local = &tmpl->saddr;
		if (xfrm_addr_any(local, tmpl->encap_family)) {
		@@ -1378,11 +1383,14 @@ xfrm_tmpl_resolve_one(struct xfrm_policy policy, const struct flowi fl,
		goto fail;
		local = &tmp;
		}
		}

		x = xfrm_state_find(remote, local, fl, tmpl, policy, &error, family);

		if (x && x->km.state == XFRM_STATE_VALID) {
		xfrm[nx++] = x;
		daddr = remote;
		saddr = local;
		continue;
		}
		if (x) {