| From foo@baz Fri Mar 16 15:43:17 CET 2018 |
| From: Yossef Efraim <yossefe@mellanox.com> |
| Date: Tue, 28 Nov 2017 11:49:28 +0200 |
| Subject: xfrm: Fix xfrm_replay_overflow_offload_esn |
| |
| From: Yossef Efraim <yossefe@mellanox.com> |
| |
| |
| [ Upstream commit 0ba23a211360af7b6658e4fcfc571970bbbacc55 ] |
| |
| In case of wrap around, replay_esn->oseq_hi is not updated |
| before it is tested for it's actual value, leading function |
| to fail with overflow indication and packets being dropped. |
| |
| This patch updates replay_esn->oseq_hi in the right place. |
| |
| Fixes: d7dbefc45cf5 ("xfrm: Add xfrm_replay_overflow functions for offloading") |
| Signed-off-by: Yossef Efraim <yossefe@mellanox.com> |
| Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> |
| Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/xfrm/xfrm_replay.c | 3 +-- |
| 1 file changed, 1 insertion(+), 2 deletions(-) |
| |
| --- a/net/xfrm/xfrm_replay.c |
| +++ b/net/xfrm/xfrm_replay.c |
| @@ -666,7 +666,7 @@ static int xfrm_replay_overflow_offload_ |
| if (unlikely(oseq < replay_esn->oseq)) { |
| XFRM_SKB_CB(skb)->seq.output.hi = ++oseq_hi; |
| xo->seq.hi = oseq_hi; |
| - |
| + replay_esn->oseq_hi = oseq_hi; |
| if (replay_esn->oseq_hi == 0) { |
| replay_esn->oseq--; |
| replay_esn->oseq_hi--; |
| @@ -678,7 +678,6 @@ static int xfrm_replay_overflow_offload_ |
| } |
| |
| replay_esn->oseq = oseq; |
| - replay_esn->oseq_hi = oseq_hi; |
| |
| if (xfrm_aevent_is_on(net)) |
| x->repl->notify(x, XFRM_REPLAY_UPDATE); |