Skip to content

Commit

Permalink
---
Browse files Browse the repository at this point in the history 
yaml
---
r: 322740
b: refs/heads/master
c: 3b59df4
h: refs/heads/master
v: v3
  • Loading branch information
Steffen Klassert authored and David S. Miller committed Sep 4, 2012
1 parent e16d8db commit 2027131
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 2 deletions.
2 changes: 1 addition & 1 deletion [refs]
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
---
refs/heads/master: 37159ef2c1ae1e696b24b260b241209a19f92c60
refs/heads/master: 3b59df46a449ec9975146d71318c4777ad086744
3 changes: 3 additions & 0 deletions trunk/include/net/xfrm.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,9 @@ struct xfrm_replay {
int (*check)(struct xfrm_state *x,
struct sk_buff *skb,
__be32 net_seq);
int (*recheck)(struct xfrm_state *x,
struct sk_buff *skb,
__be32 net_seq);
void (*notify)(struct xfrm_state *x, int event);
int (*overflow)(struct xfrm_state *x, struct sk_buff *skb);
};
Expand Down
2 changes: 1 addition & 1 deletion trunk/net/xfrm/xfrm_input.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -212,7 +212,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
/* only the first xfrm gets the encap type */
encap_type = 0;

if (async && x->repl->check(x, skb, seq)) {
if (async && x->repl->recheck(x, skb, seq)) {
XFRM_INC_STATS(net, LINUX_MIB_XFRMINSTATESEQERROR);
goto drop_unlock;
}
Expand Down
15 changes: 15 additions & 0 deletions trunk/net/xfrm/xfrm_replay.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -420,6 +420,18 @@ static int xfrm_replay_check_esn(struct xfrm_state *x,
return -EINVAL;
}

static int xfrm_replay_recheck_esn(struct xfrm_state *x,
struct sk_buff *skb, __be32 net_seq)
{
if (unlikely(XFRM_SKB_CB(skb)->seq.input.hi !=
htonl(xfrm_replay_seqhi(x, net_seq)))) {
x->stats.replay_window++;
return -EINVAL;
}

return xfrm_replay_check_esn(x, skb, net_seq);
}

static void xfrm_replay_advance_esn(struct xfrm_state *x, __be32 net_seq)
{
unsigned int bitnr, nr, i;
Expand Down Expand Up @@ -479,20 +491,23 @@ static void xfrm_replay_advance_esn(struct xfrm_state *x, __be32 net_seq)
static struct xfrm_replay xfrm_replay_legacy = {
.advance = xfrm_replay_advance,
.check = xfrm_replay_check,
.recheck = xfrm_replay_check,
.notify = xfrm_replay_notify,
.overflow = xfrm_replay_overflow,
};

static struct xfrm_replay xfrm_replay_bmp = {
.advance = xfrm_replay_advance_bmp,
.check = xfrm_replay_check_bmp,
.recheck = xfrm_replay_check_bmp,
.notify = xfrm_replay_notify_bmp,
.overflow = xfrm_replay_overflow_bmp,
};

static struct xfrm_replay xfrm_replay_esn = {
.advance = xfrm_replay_advance_esn,
.check = xfrm_replay_check_esn,
.recheck = xfrm_replay_recheck_esn,
.notify = xfrm_replay_notify_bmp,
.overflow = xfrm_replay_overflow_esn,
};
Expand Down

0 comments on commit 2027131

Please sign in to comment.