diff options
| author | Christian Langrock <christian.langrock@secunet.com> | 2022-10-17 08:34:47 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-12-02 17:41:02 +0100 |
| commit | 0c69a4658e94d3d66b96c5c181ff32698c974a3b (patch) | |
| tree | 20a6c2e8e8730e9b6461155f98dfa15de54bb67f /net/ipv6/esp6_offload.c | |
| parent | ecc6ce4fdf0d62366604bc6a4cd6f50e19301a4e (diff) | |
| download | linux-stable-0c69a4658e94d3d66b96c5c181ff32698c974a3b.tar.gz linux-stable-0c69a4658e94d3d66b96c5c181ff32698c974a3b.tar.bz2 linux-stable-0c69a4658e94d3d66b96c5c181ff32698c974a3b.zip | |
xfrm: replay: Fix ESN wrap around for GSO
[ Upstream commit 4b549ccce941798703f159b227aa28c716aa78fa ]
When using GSO it can happen that the wrong seq_hi is used for the last
packets before the wrap around. This can lead to double usage of a
sequence number. To avoid this, we should serialize this last GSO
packet.
Fixes: d7dbefc45cf5 ("xfrm: Add xfrm_replay_overflow functions for offloading")
Co-developed-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Christian Langrock <christian.langrock@secunet.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'net/ipv6/esp6_offload.c')
| -rw-r--r-- | net/ipv6/esp6_offload.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ipv6/esp6_offload.c b/net/ipv6/esp6_offload.c index 302170882382..4cc19acfc369 100644 --- a/net/ipv6/esp6_offload.c +++ b/net/ipv6/esp6_offload.c @@ -343,6 +343,9 @@ static int esp6_xmit(struct xfrm_state *x, struct sk_buff *skb, netdev_features xo->seq.low += skb_shinfo(skb)->gso_segs; } + if (xo->seq.low < seq) + xo->seq.hi++; + esp.seqno = cpu_to_be64(xo->seq.low + ((u64)xo->seq.hi << 32)); len = skb->len - sizeof(struct ipv6hdr); |