[IPSEC]: Remove bogus ref count in xfrm_secpath_reject
authorHerbert Xu <herbert@gondor.apana.org.au>
Tue, 9 Oct 2007 20:24:07 +0000 (13:24 -0700)
committerDavid S. Miller <davem@sunset.davemloft.net>
Wed, 10 Oct 2007 23:54:59 +0000 (16:54 -0700)
Constructs of the form

xfrm_state_hold(x);
foo(x);
xfrm_state_put(x);

tend to be broken because foo is either synchronous where this is totally
unnecessary or if foo is asynchronous then the reference count is in the
wrong spot.

In the case of xfrm_secpath_reject, the function is synchronous and therefore
we should just kill the reference count.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/xfrm/xfrm_policy.c

index 76f172f13f90536a729ef420cfc0ecba53301de5..af27c193697c5ceede169a36588ed36cbd4e4abb 100644 (file)
@@ -1682,17 +1682,13 @@ static inline int
 xfrm_secpath_reject(int idx, struct sk_buff *skb, struct flowi *fl)
 {
        struct xfrm_state *x;
-       int err;
 
        if (!skb->sp || idx < 0 || idx >= skb->sp->len)
                return 0;
        x = skb->sp->xvec[idx];
        if (!x->type->reject)
                return 0;
-       xfrm_state_hold(x);
-       err = x->type->reject(x, skb, fl);
-       xfrm_state_put(x);
-       return err;
+       return x->type->reject(x, skb, fl);
 }
 
 /* When skb is transformed back to its "native" form, we have to