ipsec: Fix xfrm_state_walk race

[safe/jmp/linux-2.6] / net / netlink / af_netlink.c

diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 1d16d95..b0eacc0 100644 (file)
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -54,7 +54,6 @@
 #include <linux/mm.h>
 #include <linux/types.h>
 #include <linux/audit.h>
-#include <linux/selinux.h>
 #include <linux/mutex.h>
 
 #include <net/net_namespace.h>
@@ -159,9 +158,10 @@ static void netlink_sock_destruct(struct sock *sk)
                printk(KERN_ERR "Freeing alive netlink socket %p\n", sk);
                return;
        }
-       BUG_TRAP(!atomic_read(&sk->sk_rmem_alloc));
-       BUG_TRAP(!atomic_read(&sk->sk_wmem_alloc));
-       BUG_TRAP(!nlk_sk(sk)->groups);
+
+       WARN_ON(atomic_read(&sk->sk_rmem_alloc));
+       WARN_ON(atomic_read(&sk->sk_wmem_alloc));
+       WARN_ON(nlk_sk(sk)->groups);
 }
 
 /* This lock without WQ_FLAG_EXCLUSIVE is good on UP and it is _very_ bad on
@@ -228,7 +228,7 @@ static inline struct sock *netlink_lookup(struct net *net, int protocol,
        read_lock(&nl_table_lock);
        head = nl_pid_hashfn(hash, pid);
        sk_for_each(sk, node, head) {
-               if (sock_net(sk) == net && (nlk_sk(sk)->pid == pid)) {
+               if (net_eq(sock_net(sk), net) && (nlk_sk(sk)->pid == pid)) {
                        sock_hold(sk);
                        goto found;
                }
@@ -348,7 +348,7 @@ static int netlink_insert(struct sock *sk, struct net *net, u32 pid)
        head = nl_pid_hashfn(hash, pid);
        len = 0;
        sk_for_each(osk, node, head) {
-               if (sock_net(osk) == net && (nlk_sk(osk)->pid == pid))
+               if (net_eq(sock_net(osk), net) && (nlk_sk(osk)->pid == pid))
                        break;
                len++;
        }
@@ -532,7 +532,7 @@ retry:
        netlink_table_grab();
        head = nl_pid_hashfn(hash, pid);
        sk_for_each(osk, node, head) {
-               if (sock_net(osk) != net)
+               if (!net_eq(sock_net(osk), net))
                        continue;
                if (nlk_sk(osk)->pid == pid) {
                        /* Bind collision, search negative pid values. */
@@ -760,7 +760,7 @@ struct sock *netlink_getsockbyfilp(struct file *filp)
  * 0: continue
  * 1: repeat lookup - reference dropped while waiting for socket memory.
  */
-int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock,
+int netlink_attachskb(struct sock *sk, struct sk_buff *skb,
                      long *timeo, struct sock *ssk)
 {
        struct netlink_sock *nlk;
@@ -887,13 +887,13 @@ retry:
                return netlink_unicast_kernel(sk, skb);
 
        if (sk_filter(sk, skb)) {
-               int err = skb->len;
+               err = skb->len;
                kfree_skb(skb);
                sock_put(sk);
                return err;
        }
 
-       err = netlink_attachskb(sk, skb, nonblock, &timeo, ssk);
+       err = netlink_attachskb(sk, skb, &timeo, ssk);
        if (err == 1)
                goto retry;
        if (err)
@@ -962,7 +962,7 @@ static inline int do_one_broadcast(struct sock *sk,
            !test_bit(p->group - 1, nlk->groups))
                goto out;
 
-       if (sock_net(sk) != p->net)
+       if (!net_eq(sock_net(sk), p->net))
                goto out;
 
        if (p->failure) {
@@ -1249,7 +1249,8 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
        NETLINK_CB(skb).pid     = nlk->pid;
        NETLINK_CB(skb).dst_group = dst_group;
        NETLINK_CB(skb).loginuid = audit_get_loginuid(current);
-       selinux_get_task_sid(current, &(NETLINK_CB(skb).sid));
+       NETLINK_CB(skb).sessionid = audit_get_sessionid(current);
+       security_task_getsecid(current, &(NETLINK_CB(skb).sid));
        memcpy(NETLINK_CREDS(skb), &siocb->scm->creds, sizeof(struct ucred));
 
        /* What can I do? Netlink is asynchronous, so that