public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

xfrm: Fix xfrm_replay_overflow_offload_esn

Browse source 
In case of wrap around, replay_esn->oseq_hi is not updated
before it is tested for it's actual value, leading function
to fail with overflow indication and packets being dropped.

This patch updates replay_esn->oseq_hi in the right place.

Fixes: d7dbefc45c ("xfrm: Add xfrm_replay_overflow functions for offloading")
Signed-off-by: Yossef Efraim <yossefe@mellanox.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
Yossef Efraim 2017-11-28 11:49:28 +02:00 committed by Steffen Klassert
parent 5c0bb261d2
commit 0ba23a2113
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
net/xfrm/xfrm_replay.c
View file

@ -666,7 +666,7 @@ static int xfrm_replay_overflow_offload_esn(struct xfrm_state *x, struct sk_buff
if (unlikely(oseq < replay_esn->oseq)) { if (unlikely(oseq < replay_esn->oseq)) {
XFRM_SKB_CB(skb)->seq.output.hi = ++oseq_hi; XFRM_SKB_CB(skb)->seq.output.hi = ++oseq_hi;
xo->seq.hi = oseq_hi; xo->seq.hi = oseq_hi;
replay_esn->oseq_hi = oseq_hi;
if (replay_esn->oseq_hi == 0) { if (replay_esn->oseq_hi == 0) {
replay_esn->oseq--; replay_esn->oseq--;
replay_esn->oseq_hi--; replay_esn->oseq_hi--;
@ -678,7 +678,6 @@ static int xfrm_replay_overflow_offload_esn(struct xfrm_state *x, struct sk_buff
} }
replay_esn->oseq = oseq; replay_esn->oseq = oseq;
replay_esn->oseq_hi = oseq_hi;
if (xfrm_aevent_is_on(net)) if (xfrm_aevent_is_on(net))
x->repl->notify(x, XFRM_REPLAY_UPDATE); x->repl->notify(x, XFRM_REPLAY_UPDATE);