Commit ec650b23 authored by Steffen Klassert's avatar Steffen Klassert
Browse files

xfrm: Fix xfrm_dst_cache memleak 



We have a memleak whenever a flow matches a policy without
a matching SA. In this case we generate a dummy bundle and
take an additional refcount on the dst_entry. This was needed
as long as we had the flowcache. The flowcache removal patches
deleted all related refcounts but forgot the one for the
dummy bundle case. Fix the memleak by removing this refcount.

Fixes: 3ca28286 ("xfrm_policy: bypass flow_cache_lookup")
Reported-by: default avatarMaxime Bizon <mbizon@freebox.fr>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent 864f5af3

net/xfrm/xfrm_policy.c

+0 −1
Original line number Diff line number Diff line
@@ -2076,7 +2076,6 @@ make_dummy_bundle: 
	xdst->num_xfrms = num_xfrms;

	memcpy(xdst->pols, pols, sizeof(struct xfrm_policy *) * num_pols);



	dst_hold(&xdst->u.dst);

	return xdst;



inc_error:

CRA Git | Maintained and supported by SUSTech CRA and CCSE