if (x == NULL)
return -ESRCH;
- if ((err = security_xfrm_state_delete(x)) != 0)
- goto out;
-
if (xfrm_state_kern(x)) {
- err = -EPERM;
- goto out;
+ xfrm_state_put(x);
+ return -EPERM;
}
err = xfrm_state_delete(x);
- if (err < 0)
- goto out;
+ if (err < 0) {
+ xfrm_state_put(x);
+ return err;
+ }
c.seq = nlh->nlmsg_seq;
c.pid = nlh->nlmsg_pid;
c.event = nlh->nlmsg_type;
km_state_notify(x, &c);
-
-out:
xfrm_state_put(x);
+
return err;
}
MSG_DONTWAIT);
}
} else {
- if ((err = security_xfrm_policy_delete(xp)) != 0)
- goto out;
c.data.byid = p->index;
c.event = nlh->nlmsg_type;
c.seq = nlh->nlmsg_seq;
xfrm_pol_put(xp);
-out:
return err;
}
link = &xfrm_dispatch[type];
/* All operations require privileges, even GET */
- if (security_netlink_recv(skb, CAP_NET_ADMIN)) {
+ if (security_netlink_recv(skb)) {
*errp = -EPERM;
return -1;
}