rfkill: drop current_state from tasks in rfkill-input

[linux-2.6-omap-h63xx.git] / net / xfrm / xfrm_state.c
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c

index 9880b792e6a52bbf4c4032f41468cf8b817c99b0..72fddafd891a0b3f3be603804e6c5727a56a5b3d 100644 (file)
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -389,6 +389,8 @@ static void xfrm_state_gc_destroy(struct xfrm_state *x)
         kfree(x->coaddr);
         if (x->inner_mode)
                 xfrm_put_mode(x->inner_mode);
+       if (x->inner_mode_iaf)
+               xfrm_put_mode(x->inner_mode_iaf);
         if (x->outer_mode)
                 xfrm_put_mode(x->outer_mode);
         if (x->type) {
@@ -494,7 +496,8 @@ expired:
                 km_state_expired(x, 1, 0);
  
         xfrm_audit_state_delete(x, err ? 0 : 1,
-                               audit_get_loginuid(current), 0);
+                               audit_get_loginuid(current),
+                               audit_get_sessionid(current), 0);
  
  out:
         spin_unlock(&x->lock);
@@ -525,6 +528,8 @@ struct xfrm_state *xfrm_state_alloc(void)
                 x->lft.hard_packet_limit = XFRM_INF;
                 x->replay_maxage = 0;
                 x->replay_maxdiff = 0;
+               x->inner_mode = NULL;
+               x->inner_mode_iaf = NULL;
                 spin_lock_init(&x->lock);
         }
         return x;
@@ -599,6 +604,7 @@ xfrm_state_flush_secctx_check(u8 proto, struct xfrm_audit *audit_info)
                            (err = security_xfrm_state_delete(x)) != 0) {
                                 xfrm_audit_state_delete(x, 0,
                                                         audit_info->loginuid,
+                                                       audit_info->sessionid,
                                                         audit_info->secid);
                                 return err;
                         }
@@ -637,6 +643,7 @@ restart:
                                 err = xfrm_state_delete(x);
                                 xfrm_audit_state_delete(x, err ? 0 : 1,
                                                         audit_info->loginuid,
+                                                       audit_info->sessionid,
                                                         audit_info->secid);
                                 xfrm_state_put(x);
  
@@ -802,7 +809,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr,
                               selector.
                          */
                         if (x->km.state == XFRM_STATE_VALID) {
-                               if (!xfrm_selector_match(&x->sel, fl, x->sel.family) ||
+                               if ((x->sel.family && !xfrm_selector_match(&x->sel, fl, x->sel.family)) ||
                                     !security_xfrm_state_pol_flow_match(x, pol, fl))
                                         continue;
                                 if (!best ||
@@ -1963,6 +1970,7 @@ int xfrm_state_mtu(struct xfrm_state *x, int mtu)
  int xfrm_init_state(struct xfrm_state *x)
  {
         struct xfrm_state_afinfo *afinfo;
+       struct xfrm_mode *inner_mode;
         int family = x->props.family;
         int err;
  
@@ -1981,13 +1989,48 @@ int xfrm_init_state(struct xfrm_state *x)
                 goto error;
  
         err = -EPROTONOSUPPORT;
-       x->inner_mode = xfrm_get_mode(x->props.mode, x->sel.family);
-       if (x->inner_mode == NULL)
-               goto error;
  
-       if (!(x->inner_mode->flags & XFRM_MODE_FLAG_TUNNEL) &&
-           family != x->sel.family)
-               goto error;
+       if (x->sel.family != AF_UNSPEC) {
+               inner_mode = xfrm_get_mode(x->props.mode, x->sel.family);
+               if (inner_mode == NULL)
+                       goto error;
+
+               if (!(inner_mode->flags & XFRM_MODE_FLAG_TUNNEL) &&
+                   family != x->sel.family) {
+                       xfrm_put_mode(inner_mode);
+                       goto error;
+               }
+
+               x->inner_mode = inner_mode;
+       } else {
+               struct xfrm_mode *inner_mode_iaf;
+
+               inner_mode = xfrm_get_mode(x->props.mode, AF_INET);
+               if (inner_mode == NULL)
+                       goto error;
+
+               if (!(inner_mode->flags & XFRM_MODE_FLAG_TUNNEL)) {
+                       xfrm_put_mode(inner_mode);
+                       goto error;
+               }
+
+               inner_mode_iaf = xfrm_get_mode(x->props.mode, AF_INET6);
+               if (inner_mode_iaf == NULL)
+                       goto error;
+
+               if (!(inner_mode_iaf->flags & XFRM_MODE_FLAG_TUNNEL)) {
+                       xfrm_put_mode(inner_mode_iaf);
+                       goto error;
+               }
+
+               if (x->props.family == AF_INET) {
+                       x->inner_mode = inner_mode;
+                       x->inner_mode_iaf = inner_mode_iaf;
+               } else {
+                       x->inner_mode = inner_mode_iaf;
+                       x->inner_mode_iaf = inner_mode;
+               }
+       }
  
         x->type = xfrm_get_type(x->id.proto, family);
         if (x->type == NULL)
@@ -2072,7 +2115,7 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family,
                 iph6 = ipv6_hdr(skb);
                 audit_log_format(audit_buf,
                                  " src=" NIP6_FMT " dst=" NIP6_FMT
-                                " flowlbl=0x%x%x%x",
+                                " flowlbl=0x%x%02x%02x",
                                  NIP6(iph6->saddr),
                                  NIP6(iph6->daddr),
                                  iph6->flow_lbl[0] & 0x0f,
@@ -2083,14 +2126,14 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family,
  }
  
  void xfrm_audit_state_add(struct xfrm_state *x, int result,
-                         u32 auid, u32 secid)
+                         uid_t auid, u32 sessionid, u32 secid)
  {
         struct audit_buffer *audit_buf;
  
         audit_buf = xfrm_audit_start("SAD-add");
         if (audit_buf == NULL)
                 return;
-       xfrm_audit_helper_usrinfo(auid, secid, audit_buf);
+       xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
         xfrm_audit_helper_sainfo(x, audit_buf);
         audit_log_format(audit_buf, " res=%u", result);
         audit_log_end(audit_buf);
@@ -2098,14 +2141,14 @@ void xfrm_audit_state_add(struct xfrm_state *x, int result,
  EXPORT_SYMBOL_GPL(xfrm_audit_state_add);
  
  void xfrm_audit_state_delete(struct xfrm_state *x, int result,
-                            u32 auid, u32 secid)
+                            uid_t auid, u32 sessionid, u32 secid)
  {
         struct audit_buffer *audit_buf;
  
         audit_buf = xfrm_audit_start("SAD-delete");
         if (audit_buf == NULL)
                 return;
-       xfrm_audit_helper_usrinfo(auid, secid, audit_buf);
+       xfrm_audit_helper_usrinfo(auid, sessionid, secid, audit_buf);
         xfrm_audit_helper_sainfo(x, audit_buf);
         audit_log_format(audit_buf, " res=%u", result);
         audit_log_end(audit_buf);