xfrm: Fix xfrm_replay_overflow_offload_esn
In case of wrap around, replay_esn->oseq_hi is not updated
before it is tested for it's actual value, leading function
to fail with overflow indication and packets being dropped.
This patch updates replay_esn->oseq_hi in the right place.
Fixes: d7dbefc45c
("xfrm: Add xfrm_replay_overflow functions for offloading")
Signed-off-by: Yossef Efraim <yossefe@mellanox.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
parent
5c0bb261d2
commit
0ba23a2113
|
@ -666,7 +666,7 @@ static int xfrm_replay_overflow_offload_esn(struct xfrm_state *x, struct sk_buff
|
|||
if (unlikely(oseq < replay_esn->oseq)) {
|
||||
XFRM_SKB_CB(skb)->seq.output.hi = ++oseq_hi;
|
||||
xo->seq.hi = oseq_hi;
|
||||
|
||||
replay_esn->oseq_hi = oseq_hi;
|
||||
if (replay_esn->oseq_hi == 0) {
|
||||
replay_esn->oseq--;
|
||||
replay_esn->oseq_hi--;
|
||||
|
@ -678,7 +678,6 @@ static int xfrm_replay_overflow_offload_esn(struct xfrm_state *x, struct sk_buff
|
|||
}
|
||||
|
||||
replay_esn->oseq = oseq;
|
||||
replay_esn->oseq_hi = oseq_hi;
|
||||
|
||||
if (xfrm_aevent_is_on(net))
|
||||
x->repl->notify(x, XFRM_REPLAY_UPDATE);
|
||||
|
|
Loading…
Reference in New Issue