[IPSEC]: Remove bogus ref count in xfrm_secpath_reject Constructs of the form xfrm_state_hold(x); foo(x); xfrm_state_put(x); tend to be broken because foo is either synchronous where this is totally unnecessary or if foo is asynchronous then the reference count is in the wrong spot. In the case of xfrm_secpath_reject, the function is synchronous and therefore we should just kill the reference count. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 1ecafede835321ebdc396531245adc37d22366f7 [log] [tgz]
author: Herbert Xu <herbert@gondor.apana.org.au> Tue Oct 09 13:24:07 2007 -0700
committer: David S. Miller <davem@sunset.davemloft.net> Wed Oct 10 16:54:59 2007 -0700
tree: 230419433b8a08b86abf8998da84652c66c3b20e
parent: 32f0c4cbe495d121c09ed14d9c84f9e1b9574415 [diff] [blame]
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 76f172f..af27c19 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c

@@ -1682,17 +1682,13 @@
 xfrm_secpath_reject(int idx, struct sk_buff *skb, struct flowi *fl)
 {
 	struct xfrm_state *x;
-	int err;
 
 	if (!skb->sp || idx < 0 || idx >= skb->sp->len)
 		return 0;
 	x = skb->sp->xvec[idx];
 	if (!x->type->reject)
 		return 0;
-	xfrm_state_hold(x);
-	err = x->type->reject(x, skb, fl);
-	xfrm_state_put(x);
-	return err;
+	return x->type->reject(x, skb, fl);
 }
 
 /* When skb is transformed back to its "native" form, we have to
commit	1ecafede835321ebdc396531245adc37d22366f7	[log] [tgz]
author	Herbert Xu <herbert@gondor.apana.org.au>	Tue Oct 09 13:24:07 2007 -0700
committer	David S. Miller <davem@sunset.davemloft.net>	Wed Oct 10 16:54:59 2007 -0700
tree	230419433b8a08b86abf8998da84652c66c3b20e
parent	32f0c4cbe495d121c09ed14d9c84f9e1b9574415 [diff] [blame]