This is the patch referred to in the netlink_get_spi thread.
I was actually wrong about the reason for this patch though. Firstly
it's the SPI check that is redundant and not the find_acq() call.
And it's redundant because of the find_acq() patch, not because
of the fact that this is in xfrm_state_add().
Now that find_acq() only returns SAs with SPIs, we don't need to
check this in xfrm_state_add() anymore.
We do still need the call though to clean up leftover larval states.
Another side-effect of the change is that we can move the existence
check above find_acq() since find_acq() will never return any SAs
matching the SPI we're trying to add (It doesn't need to because if
an SA with a matching SPI existed, it would've been returned by
state_lookup() already).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@redhat.com>
spin_lock_bh(&xfrm_state_lock);
x1 = afinfo->state_lookup(&x->id.daddr, x->id.spi, x->id.proto);
- if (!x1) {
- x1 = afinfo->find_acq(
- x->props.mode, x->props.reqid, x->id.proto,
- &x->id.daddr, &x->props.saddr, 0);
- if (x1 && x1->id.spi != x->id.spi && x1->id.spi) {
- xfrm_state_put(x1);
- x1 = NULL;
- }
- }
-
- if (x1 && x1->id.spi) {
+ if (x1) {
xfrm_state_put(x1);
x1 = NULL;
err = -EEXIST;
goto out;
}
+ x1 = afinfo->find_acq(
+ x->props.mode, x->props.reqid, x->id.proto,
+ &x->id.daddr, &x->props.saddr, 0);
+
__xfrm_state_insert(x);
err = 0;
projects / linux / commitdiff