Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec

Steffen Klassert says: ==================== pull request (net): ipsec 2016-09-21 1) Propagate errors on security context allocation. From Mathias Krause. 2) Fix inbound policy checks for inter address family tunnels. From Thomas Zeitlhofer. 3) Fix an old memory leak on aead algorithm usage. From Ilan Tayari. 4) A recent patch fixed a possible NULL pointer dereference but broke the vti6 input path. Fix from Nicolas Dichtel. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2016-09-22 02:56:23 -0400
committer: David S. Miller <davem@davemloft.net> 2016-09-22 02:56:23 -0400
commit: ba1ba25d3159573ffdc9e79e5c3dfcf9c5742964 (patch)
tree: c2572c4362e4ceaa7bfc6b2d6136d22026d37c40 /net/xfrm/xfrm_user.c
parent: 290b774a1e0cb385658ba117452e2a2962323b1f (diff)
parent: 63c43787d35e45562a6b5927e2edc8f4783d95b8 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index cb65d916a345..08892091cfe3 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -581,9 +581,12 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
 	if (err)
 		goto error;
 
-	if (attrs[XFRMA_SEC_CTX] &&
-	    security_xfrm_state_alloc(x, nla_data(attrs[XFRMA_SEC_CTX])))
-		goto error;
+	if (attrs[XFRMA_SEC_CTX]) {
+		err = security_xfrm_state_alloc(x,
+						nla_data(attrs[XFRMA_SEC_CTX]));
+		if (err)
+			goto error;
+	}
 
 	if ((err = xfrm_alloc_replay_state_esn(&x->replay_esn, &x->preplay_esn,
 					       attrs[XFRMA_REPLAY_ESN_VAL])))
author	David S. Miller <davem@davemloft.net>	2016-09-22 02:56:23 -0400
committer	David S. Miller <davem@davemloft.net>	2016-09-22 02:56:23 -0400
commit	ba1ba25d3159573ffdc9e79e5c3dfcf9c5742964 (patch)
tree	c2572c4362e4ceaa7bfc6b2d6136d22026d37c40 /net/xfrm/xfrm_user.c
parent	290b774a1e0cb385658ba117452e2a2962323b1f (diff)
parent	63c43787d35e45562a6b5927e2edc8f4783d95b8 (diff)