net: xfrm: don't double-hold dst when sk_policy in use. (8a4b5784) · Commits · Kirill Smelkov / linux

Commit 8a4b5784 authored Aug 23, 2017 by

Lorenzo Colitti Committed by Steffen Klassert Aug 24, 2017

net: xfrm: don't double-hold dst when sk_policy in use.

While removing dst_entry garbage collection, commit 52df157f
("xfrm: take refcnt of dst when creating struct xfrm_dst bundle")
changed xfrm_resolve_and_create_bundle so it returns an xdst with
a refcount of 1 instead of 0.

However, it did not delete the dst_hold performed by xfrm_lookup
when a per-socket policy is in use. This means that when a
socket policy is in use, dst entries returned by xfrm_lookup have
a refcount of 2, and are not freed when no longer in use.

Cc: Wei Wang <weiwan@google.com>
Fixes: 52df157f ("xfrm: take refcnt of dst when creating struct xfrm_dst bundle")
Tested: https://android-review.googlesource.com/417481
Tested: https://android-review.googlesource.com/418659
Tested: https://android-review.googlesource.com/424463
Tested: https://android-review.googlesource.com/452776 passes on net-next
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Acked-by: Wei Wang <weiwan@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

parent 2b33bc8a

Hide whitespace changes

Inline Side-by-side

View file @ 8a4b5784

@@ -2226,7 +2226,6 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
 				goto no_transform;
+			}
 			dst_hold(&xdst->u.dst);
 			route = xdst->route;
+		}
+	}
-...

Please register or to comment