xfrm: Flushing empty SPD generates false events

[safe/jmp/linux-2.6] / net / key / af_key.c

diff --git a/net/key/af_key.c b/net/key/af_key.c
index c269ce6..a20d2fa 100644 (file)
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -2735,8 +2735,11 @@ static int pfkey_spdflush(struct sock *sk, struct sk_buff *skb, struct sadb_msg
        audit_info.secid = 0;
        err = xfrm_policy_flush(net, XFRM_POLICY_TYPE_MAIN, &audit_info);
        err2 = unicast_flush_resp(sk, hdr);
-       if (err || err2)
-               return err ? err : err2;
+       if (err || err2) {
+               if (err == -ESRCH) /* empty table - old silent behavior */
+                       return 0;
+               return err;
+       }
 
        c.data.type = XFRM_POLICY_TYPE_MAIN;
        c.event = XFRM_MSG_FLUSHPOLICY;