[IPSEC]: xfrm audit hook misplaced in pfkey_delete and xfrm_del_sa (16bec31d) · Commits · e / devices / android_kernel_xiaomi_markw

net/key/af_key.c

+2 −3

Original line number	Original line	Diff line number	Diff line
	@@ -1467,9 +1467,6 @@ static int pfkey_delete(struct sock sk, struct sk_buff skb, struct sadb_msg *h

	err = xfrm_state_delete(x);		err = xfrm_state_delete(x);

	xfrm_audit_log(audit_get_loginuid(current->audit_context), 0,
	AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);

	if (err < 0)		if (err < 0)
	goto out;		goto out;

	@@ -1478,6 +1475,8 @@ static int pfkey_delete(struct sock sk, struct sk_buff skb, struct sadb_msg *h
	c.event = XFRM_MSG_DELSA;		c.event = XFRM_MSG_DELSA;
	km_state_notify(x, &c);		km_state_notify(x, &c);
	out:		out:
			xfrm_audit_log(audit_get_loginuid(current->audit_context), 0,
			AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);
	xfrm_state_put(x);		xfrm_state_put(x);

	return err;		return err;

+2 −3

Original line number	Original line	Diff line number	Diff line
	@@ -530,9 +530,6 @@ static int xfrm_del_sa(struct sk_buff skb, struct nlmsghdr nlh,

	err = xfrm_state_delete(x);		err = xfrm_state_delete(x);

	xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
	AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);

	if (err < 0)		if (err < 0)
	goto out;		goto out;

	@@ -542,6 +539,8 @@ static int xfrm_del_sa(struct sk_buff skb, struct nlmsghdr nlh,
	km_state_notify(x, &c);		km_state_notify(x, &c);

	out:		out:
			xfrm_audit_log(NETLINK_CB(skb).loginuid, NETLINK_CB(skb).sid,
			AUDIT_MAC_IPSEC_DELSA, err ? 0 : 1, NULL, x);
	xfrm_state_put(x);		xfrm_state_put(x);
	return err;		return err;
	}		}