Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO

From: Jakub Kicinski
Date: Tue Sep 27 2022 - 10:22:59 EST

Next message: Joel Fernandes: "Re: [PATCH v6 1/4] rcu: Make call_rcu() lazy to save power"
Previous message: Kees Cook: "Re: [PATCH] sethostname: dump new hostname into RNG"
In reply to: Christian Langrock: "[PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO"
Next in thread: Leon Romanovsky: "Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 27 Sep 2022 14:59:50 +0200 Christian Langrock wrote:
> When using GSO it can happen that the wrong seq_hi is used for the last
> packets before the wrap around. This can lead to double usage of a
> sequence number. To avoid this, we should serialize this last GSO
> packet.

Does not build but please wait for reviews before reposting:

net/xfrm/xfrm_replay.c:773:6: error: conflicting types for ‘xfrm_replay_overflow_check’; have ‘bool(struct xfrm_state *, struct sk_buff *)’ {aka ‘_Bool(struct xfrm_state *, struct sk_buff *)’}
773 | bool xfrm_replay_overflow_check(struct xfrm_state *x, struct sk_buff *skb)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~

Next message: Joel Fernandes: "Re: [PATCH v6 1/4] rcu: Make call_rcu() lazy to save power"
Previous message: Kees Cook: "Re: [PATCH] sethostname: dump new hostname into RNG"
In reply to: Christian Langrock: "[PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO"
Next in thread: Leon Romanovsky: "Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]