Skip to content

Commit

Permalink
xfrm: release neighbor upon dst destruction
Browse files Browse the repository at this point in the history 
Neighbor is cloned in xfrm6_fill_dst but seems to never be released.
Neighbor entry should be released when XFRM6 dst entry is destroyed
in xfrm6_dst_destroy, otherwise references may be kept forever on
the device pointed by the neighbor entry.

I may not have understood all the subtleties of XFRM & dst so I would
be happy to receive comments on this patch.

Signed-off-by: Romain Kuntz <r.kuntz@ipflavors.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Romain KUNTZ authored and David S. Miller committed Feb 18, 2013
1 parent dca9ab9 commit 18cf0d0
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions net/ipv6/xfrm6_policy.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,8 @@ static void xfrm6_dst_destroy(struct dst_entry *dst)
{
struct xfrm_dst *xdst = (struct xfrm_dst *)dst;

if (likely(xdst->u.rt6.n))
neigh_release(xdst->u.rt6.n);
if (likely(xdst->u.rt6.rt6i_idev))
in6_dev_put(xdst->u.rt6.rt6i_idev);
dst_destroy_metrics_generic(dst);
Expand Down

0 comments on commit 18cf0d0

Please sign in to comment.