• Eric Paris's avatar
    [IPSEC]: xfrm_policy delete security check misplaced · ef41aaa0
    Eric Paris authored
    The security hooks to check permissions to remove an xfrm_policy were
    actually done after the policy was removed.  Since the unlinking and
    deletion are done in xfrm_policy_by* functions this moves the hooks
    inside those 2 functions.  There we have all the information needed to
    do the security check and it can be done before the deletion.  Since
    auditing requires the result of that security check err has to be passed
    back and forth from the xfrm_policy_by* functions.
    
    This patch also fixes a bug where a deletion that failed the security
    check could cause improper accounting on the xfrm_policy
    (xfrm_get_policy didn't have a put on the exit path for the hold taken
    by xfrm_policy_by*)
    
    It also fixes the return code when no policy is found in
    xfrm_add_pol_expire.  In old code (at least back in the 2.6.18 days) err
    wasn't used before the return when no policy is found and so the
    initialization would cause err to be ENOENT.  But since err has since
    been used above when we don't get a policy back from the xfrm_policy_by*
    function we would always return 0 instead of the intended ENOENT.  Also
    fixed some white space damage in the same area.
    Signed-off-by: default avatarEric Paris <eparis@redhat.com>
    Acked-by: default avatarVenkat Yekkirala <vyekkirala@trustedcs.com>
    Acked-by: default avatarJames Morris <jmorris@namei.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    ef41aaa0
xfrm_user.c 55.5 KB