From: Patrick McHardy <kaber@trash.net>
To: "David S. Miller" <davem@redhat.com>
Cc: netdev@oss.sgi.com
Subject: [PATCH 2.6]: Fix policy update bug when increasing priority of last policy
Date: Mon, 18 Oct 2004 22:48:36 +0200 [thread overview]
Message-ID: <41742C24.6070305@trash.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 1555 bytes --]
When the last policy for a direction is replaced by a policy
with equal selector but a higher priority, insertion of the
new policy fails.
in xfrm_policy_insert:
for (p = &xfrm_policy_list[dir]; (pol=*p)!=NULL; p = &pol->next) {
if (!delpol && memcmp(&policy->selector, &pol->selector,
sizeof(pol->selector)) == 0) {
if (excl) {
write_unlock_bh(&xfrm_policy_lock);
return -EEXIST;
}
*p = pol->next;
delpol = pol;
X if (policy->priority > pol->priority)
X continue;
} else if (policy->priority >= pol->priority)
continue;
if (!newpos)
newpos = p;
if (delpol)
break;
}
If the new policy has a higher priority than the old one, the
loop will be continued in the lines marked with X, but because
there are no further elements, it will leave the loop without
setting newpos.
The problem can be verified with ip xfrm:
# ip xfrm policy list
# ip xfrm policy update dir fwd src 10.0.0.1 dst 10.0.0.2 action allow
priority 0
# ip xfrm policy list
src 10.0.0.1/32 dst 10.0.0.2/32
dir fwd priority 0
# ip xfrm policy update dir fwd src 10.0.0.1 dst 10.0.0.2 action allow
priority 1
# ip xfrm policy list
#
This patch checks for *p != NULL before continuing the loop.
Regards
Patrick
[-- Attachment #2: x --]
[-- Type: text/plain, Size: 881 bytes --]
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/10/18 21:57:18+02:00 kaber@coreworks.de
# [XFRM]: Fix policy update bug when increasing priority of last policy
#
# Signed-off-by: Patrick McHardy <kaber@trash.net>
#
# net/xfrm/xfrm_policy.c
# 2004/10/18 21:56:41+02:00 kaber@coreworks.de +1 -1
# [XFRM]: Fix policy update bug when increasing priority of last policy
#
# Signed-off-by: Patrick McHardy <kaber@trash.net>
#
diff -Nru a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
--- a/net/xfrm/xfrm_policy.c 2004-10-18 21:58:24 +02:00
+++ b/net/xfrm/xfrm_policy.c 2004-10-18 21:58:24 +02:00
@@ -340,7 +340,7 @@
}
*p = pol->next;
delpol = pol;
- if (policy->priority > pol->priority)
+ if (policy->priority > pol->priority && *p != NULL)
continue;
} else if (policy->priority >= pol->priority)
continue;
next reply other threads:[~2004-10-18 20:48 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-10-18 20:48 Patrick McHardy [this message]
2004-10-18 23:48 ` [PATCH 2.6]: Fix policy update bug when increasing priority of last policy Herbert Xu
2004-10-19 14:24 ` Patrick McHardy
2004-10-21 5:05 ` David S. Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41742C24.6070305@trash.net \
--to=kaber@trash.net \
--cc=davem@redhat.com \
--cc=netdev@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).