From: Leon Romanovsky <leon@kernel.org>
To: Christian Langrock <christian.langrock@secunet.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>,
herbert@gondor.apana.org.au, davem@davemloft.net,
edumazet@google.com, kuba@kernel.org, pabeni@redhat.com,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO
Date: Wed, 28 Sep 2022 09:18:07 +0300 [thread overview]
Message-ID: <YzPnH/JrIFbPteR3@unreal> (raw)
In-Reply-To: <fe554921-104e-2365-a09b-812a1cedac65@secunet.com>
On Tue, Sep 27, 2022 at 02:59:50PM +0200, Christian Langrock wrote:
> When using GSO it can happen that the wrong seq_hi is used for the last
> packets before the wrap around. This can lead to double usage of a
> sequence number. To avoid this, we should serialize this last GSO
> packet.
>
> Fixes: d7dbefc45cf5 ("xfrm: Add xfrm_replay_overflow functions for...")
> Signed-off-by: Christian Langrock <christian.langrock@secunet.com>
> ---
> include/net/xfrm.h | 1 +
> net/xfrm/xfrm_output.c | 2 +-
> net/xfrm/xfrm_replay.c | 33 +++++++++++++++++++++++++++++++++
> 3 files changed, 35 insertions(+), 1 deletion(-)
>
> diff --git a/include/net/xfrm.h b/include/net/xfrm.h
> index 6e8fa98f786f..49d6d974f493 100644
> --- a/include/net/xfrm.h
> +++ b/include/net/xfrm.h
> @@ -1749,6 +1749,7 @@ void xfrm_replay_advance(struct xfrm_state *x, __be32 net_seq);
> int xfrm_replay_check(struct xfrm_state *x, struct sk_buff *skb, __be32 net_seq);
> void xfrm_replay_notify(struct xfrm_state *x, int event);
> int xfrm_replay_overflow(struct xfrm_state *x, struct sk_buff *skb);
> +int xfrm_replay_overflow_check(struct xfrm_state *x, struct sk_buff *skb);
> int xfrm_replay_recheck(struct xfrm_state *x, struct sk_buff *skb, __be32 net_seq);
>
> static inline int xfrm_aevent_is_on(struct net *net)
> diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
> index 9a5e79a38c67..c470a68d9c88 100644
> --- a/net/xfrm/xfrm_output.c
> +++ b/net/xfrm/xfrm_output.c
> @@ -738,7 +738,7 @@ int xfrm_output(struct sock *sk, struct sk_buff *skb)
> skb->encapsulation = 1;
>
> if (skb_is_gso(skb)) {
> - if (skb->inner_protocol)
> + if (skb->inner_protocol || xfrm_replay_overflow_check(x, skb))
> return xfrm_output_gso(net, sk, skb);
>
> skb_shinfo(skb)->gso_type |= SKB_GSO_ESP;
> diff --git a/net/xfrm/xfrm_replay.c b/net/xfrm/xfrm_replay.c
> index 9277d81b344c..991cfc7a091d 100644
> --- a/net/xfrm/xfrm_replay.c
> +++ b/net/xfrm/xfrm_replay.c
> @@ -750,6 +750,34 @@ int xfrm_replay_overflow(struct xfrm_state *x, struct sk_buff *skb)
>
> return xfrm_replay_overflow_offload(x, skb);
> }
> +
> +static bool xfrm_replay_overflow_check_offload_esn(struct xfrm_state *x, struct sk_buff *skb)
> +{
> + struct xfrm_replay_state_esn *replay_esn = x->replay_esn;
> + __u32 oseq = replay_esn->oseq;
> + bool ret = false;
> +
> + /* We assume that this function is called with
> + * skb_is_gso(skb) == true
> + */
> +
> + if (x->type->flags & XFRM_TYPE_REPLAY_PROT) {
> + oseq = oseq + 1 + skb_shinfo(skb)->gso_segs;
> + if (unlikely(oseq < replay_esn->oseq))
> + ret = true;
return true;
> + }
> +
> + return ret;
return false;
> +}
> +
> +bool xfrm_replay_overflow_check(struct xfrm_state *x, struct sk_buff *skb)
> +{
> + if (x->repl_mode == XFRM_REPLAY_MODE_ESN)
> + return xfrm_replay_overflow_check_offload_esn(x, skb);
> +
> + return false;
> +}
I still think that functions above should be merged into one. This is
called only if xfrm_dev_offload_ok() success -> in crypto offload path.
Thanks
> +
> #else
> int xfrm_replay_overflow(struct xfrm_state *x, struct sk_buff *skb)
> {
> @@ -764,6 +792,11 @@ int xfrm_replay_overflow(struct xfrm_state *x, struct sk_buff *skb)
>
> return __xfrm_replay_overflow(x, skb);
> }
> +
> +int xfrm_replay_overflow_check(struct xfrm_state *x, struct sk_buff *skb)
int -> bool
> +{
> + return 0;
> +}
> #endif
>
> int xfrm_init_replay(struct xfrm_state *x)
> --
> 2.37.1.223.g6a475b71f8
>
next prev parent reply other threads:[~2022-09-28 6:18 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-27 12:59 [PATCH net-ipsec v2] xfrm: replay: Fix ESN wrap around for GSO Christian Langrock
2022-09-27 14:22 ` Jakub Kicinski
2022-09-28 6:18 ` Leon Romanovsky [this message]
2022-09-28 6:49 ` Steffen Klassert
2022-09-28 21:28 ` kernel test robot
2022-09-28 21:29 ` kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2022-09-27 12:03 Christian Langrock
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YzPnH/JrIFbPteR3@unreal \
--to=leon@kernel.org \
--cc=christian.langrock@secunet.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.