Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO

[PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO · Christian Langrock <hidden> · 2022-09-27
Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO · Jakub Kicinski <kuba@kernel.org> · 2022-09-27
Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO · Leon Romanovsky <leon@kernel.org> · 2022-09-28
Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO · Steffen Klassert <steffen.klassert@secunet.com> · 2022-09-28
Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO · kernel test robot <hidden> · 2022-09-30
Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO · kernel test robot <hidden> · 2022-09-30

From: Jakub Kicinski <kuba@kernel.org>
Date: 2022-09-27 14:22:59
Also in: lkml

On Tue, 27 Sep 2022 14:59:50 +0200 Christian Langrock wrote:

When using GSO it can happen that the wrong seq_hi is used for the last
packets before the wrap around. This can lead to double usage of a
sequence number. To avoid this, we should serialize this last GSO
packet.

Does not build but please wait for reviews before reposting:

net/xfrm/xfrm_replay.c:773:6: error: conflicting types for ‘xfrm_replay_overflow_check’; have ‘bool(struct xfrm_state *, struct sk_buff *)’ {aka ‘_Bool(struct xfrm_state *, struct sk_buff *)’}
  773 | bool xfrm_replay_overflow_check(struct xfrm_state *x, struct sk_buff *skb)
      |      ^~~~~~~~~~~~~~~~~~~~~~~~~~

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help