[PATCH] slab: clean up kmem_getpages

[safe/jmp/linux-2.6] / net / xfrm / xfrm_user.c

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index b46ee7d..c21dc26 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -28,8 +28,6 @@
 #include <net/netlink.h>
 #include <asm/uaccess.h>
 
-struct sock *xfrm_nl;
-
 static int verify_one_alg(struct rtattr **xfrma, enum xfrm_attr_type_t type)
 {
        struct rtattr *rt = xfrma[type - 1];
@@ -103,9 +101,6 @@ static inline int verify_sec_ctx_len(struct rtattr **xfrma)
 
        uctx = RTA_DATA(rt);
 
-       if (uctx->ctx_len > PAGE_SIZE)
-               return -EINVAL;
-
        len += sizeof(struct xfrm_user_sec_ctx);
        len += uctx->ctx_len;
 
@@ -432,23 +427,25 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfrma)
        if (x == NULL)
                return -ESRCH;
 
+       if ((err = security_xfrm_state_delete(x)) != 0)
+               goto out;
+
        if (xfrm_state_kern(x)) {
-               xfrm_state_put(x);
-               return -EPERM;
+               err = -EPERM;
+               goto out;
        }
 
        err = xfrm_state_delete(x);
-       if (err < 0) {
-               xfrm_state_put(x);
-               return err;
-       }
+       if (err < 0)
+               goto out;
 
        c.seq = nlh->nlmsg_seq;
        c.pid = nlh->nlmsg_pid;
        c.event = nlh->nlmsg_type;
        km_state_notify(x, &c);
-       xfrm_state_put(x);
 
+out:
+       xfrm_state_put(x);
        return err;
 }
 
@@ -1060,6 +1057,8 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfr
                                              MSG_DONTWAIT);
                }
        } else {
+               if ((err = security_xfrm_policy_delete(xp)) != 0)
+                       goto out;
                c.data.byid = p->index;
                c.event = nlh->nlmsg_type;
                c.seq = nlh->nlmsg_seq;
@@ -1069,6 +1068,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, void **xfr
 
        xfrm_pol_put(xp);
 
+out:
        return err;
 }
 
@@ -1491,9 +1491,9 @@ static void xfrm_netlink_rcv(struct sock *sk, int len)
        unsigned int qlen = 0;
 
        do {
-               down(&xfrm_cfg_sem);
+               mutex_lock(&xfrm_cfg_mutex);
                netlink_run_queue(sk, &qlen, &xfrm_user_rcv_msg);
-               up(&xfrm_cfg_sem);
+               mutex_unlock(&xfrm_cfg_mutex);
 
        } while (qlen);
 }
@@ -1952,12 +1952,15 @@ static struct xfrm_mgr netlink_mgr = {
 
 static int __init xfrm_user_init(void)
 {
+       struct sock *nlsk;
+
        printk(KERN_INFO "Initializing IPsec netlink socket\n");
 
-       xfrm_nl = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX,
-                                       xfrm_netlink_rcv, THIS_MODULE);
-       if (xfrm_nl == NULL)
+       nlsk = netlink_kernel_create(NETLINK_XFRM, XFRMNLGRP_MAX,
+                                    xfrm_netlink_rcv, THIS_MODULE);
+       if (nlsk == NULL)
                return -ENOMEM;
+       rcu_assign_pointer(xfrm_nl, nlsk);
 
        xfrm_register_km(&netlink_mgr);
 
@@ -1966,13 +1969,16 @@ static int __init xfrm_user_init(void)
 
 static void __exit xfrm_user_exit(void)
 {
+       struct sock *nlsk = xfrm_nl;
+
        xfrm_unregister_km(&netlink_mgr);
-       sock_release(xfrm_nl->sk_socket);
+       rcu_assign_pointer(xfrm_nl, NULL);
+       synchronize_rcu();
+       sock_release(nlsk->sk_socket);
 }
 
 module_init(xfrm_user_init);
 module_exit(xfrm_user_exit);
 MODULE_LICENSE("GPL");
 MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_XFRM);
-EXPORT_SYMBOL(xfrm_nl);