Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next

		return -EAFNOSUPPORT;

	spin_lock_bh(&xfrm_input_afinfo_lock);

	if (unlikely(xfrm_input_afinfo[afinfo->family] != NULL))

		err = -ENOBUFS;

		err = -EEXIST;

	else

		rcu_assign_pointer(xfrm_input_afinfo[afinfo->family], afinfo);

	spin_unlock_bh(&xfrm_input_afinfo_lock);

		skb->sp->xvec[skb->sp->len++] = x;

		spin_lock(&x->lock);

		if (unlikely(x->km.state == XFRM_STATE_ACQ)) {

			XFRM_INC_STATS(net, LINUX_MIB_XFRMACQUIREERROR);

			goto drop_unlock;

		}

		if (unlikely(x->km.state != XFRM_STATE_VALID)) {

			XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATEINVALID);

			if (x->km.state == XFRM_STATE_ACQ)

				XFRM_INC_STATS(net, LINUX_MIB_XFRMACQUIREERROR);

			else

				XFRM_INC_STATS(net,

					       LINUX_MIB_XFRMINSTATEINVALID);

			goto drop_unlock;

		}

}

EXPORT_SYMBOL(xfrm_policy_destroy);

static void xfrm_queue_purge(struct sk_buff_head *list)

{

	struct sk_buff *skb;

	while ((skb = skb_dequeue(list)) != NULL)

		kfree_skb(skb);

}

/* Rule must be locked. Release descentant resources, announce

 * entry dead. The rule must be unlinked from lists to the moment.

 */

	if (del_timer(&policy->polq.hold_timer))

		xfrm_pol_put(policy);

	xfrm_queue_purge(&policy->polq.hold_queue);

	skb_queue_purge(&policy->polq.hold_queue);

	if (del_timer(&policy->timer))

		xfrm_pol_put(policy);

	struct xfrm_policy_queue *pq = &old->polq;

	struct sk_buff_head list;

	if (skb_queue_empty(&pq->hold_queue))

		return;

	__skb_queue_head_init(&list);

	spin_lock_bh(&pq->hold_queue.lock);

		xfrm_pol_put(old);

	spin_unlock_bh(&pq->hold_queue.lock);

	if (skb_queue_empty(&list))

		return;

	pq = &new->polq;

	spin_lock_bh(&pq->hold_queue.lock);

	if (list_empty(&walk->walk.all))

		x = list_first_entry(&net->xfrm.policy_all, struct xfrm_policy_walk_entry, all);

	else

		x = list_entry(&walk->walk.all, struct xfrm_policy_walk_entry, all);

		x = list_first_entry(&walk->walk.all,

				     struct xfrm_policy_walk_entry, all);

	list_for_each_entry_from(x, &net->xfrm.policy_all, all) {

		if (x->dead)

			continue;

	}

	chain = &net->xfrm.policy_inexact[dir];

	hlist_for_each_entry(pol, chain, bydst) {

		if ((pol->priority >= priority) && ret)

			break;

		err = xfrm_policy_match(pol, fl, type, family, dir);

		if (err) {

			if (err == -ESRCH)

				ret = ERR_PTR(err);

				goto fail;

			}

		} else if (pol->priority < priority) {

		} else {

			ret = pol;

			break;

		}

	}

	if (ret)

	xfrm_pol_hold(ret);

fail:

	read_unlock_bh(&net->xfrm.xfrm_policy_lock);

purge_queue:

	pq->timeout = 0;

	xfrm_queue_purge(&pq->hold_queue);

	skb_queue_purge(&pq->hold_queue);

	xfrm_pol_put(pol);

}

		return -EAFNOSUPPORT;

	spin_lock(&xfrm_policy_afinfo_lock);

	if (unlikely(xfrm_policy_afinfo[afinfo->family] != NULL))

		err = -ENOBUFS;

		err = -EEXIST;

	else {

		struct dst_ops *dst_ops = afinfo->dst_ops;

		if (likely(dst_ops->kmem_cachep == NULL))

	}

	chain = &net->xfrm.policy_inexact[dir];

	hlist_for_each_entry(pol, chain, bydst) {

		if ((pol->priority >= priority) && ret)

			break;

		if (xfrm_migrate_selector_match(sel, &pol->selector) &&

		    pol->type == type &&

		    pol->priority < priority) {

		    pol->type == type) {

			ret = pol;

			break;

		}

	}

	if (ret)

	xfrm_pol_hold(ret);

	read_unlock_bh(&net->xfrm.xfrm_policy_lock);

	if (list_empty(&walk->all))

		x = list_first_entry(&net->xfrm.state_all, struct xfrm_state_walk, all);

	else

		x = list_entry(&walk->all, struct xfrm_state_walk, all);

		x = list_first_entry(&walk->all, struct xfrm_state_walk, all);

	list_for_each_entry_from(x, &net->xfrm.state_all, all) {

		if (x->state == XFRM_STATE_DEAD)

			continue;

		return -EAFNOSUPPORT;

	spin_lock_bh(&xfrm_state_afinfo_lock);

	if (unlikely(xfrm_state_afinfo[afinfo->family] != NULL))

		err = -ENOBUFS;

		err = -EEXIST;

	else

		rcu_assign_pointer(xfrm_state_afinfo[afinfo->family], afinfo);

	spin_unlock_bh(&xfrm_state_afinfo_lock);