Re: [PATCH] xfrm: ah: account for ESN high bits in async callbacks

[Steffen Klassert <steffen.klassert@secunet.com>]

On Sun, Apr 19, 2026 at 06:35:42PM -0400, Michael Bommarito wrote:
> AH allocates its temporary auth/ICV layout differently when ESN is enabled:
> the async ahash setup appends a 4-byte seqhi slot before the ICV or
> auth_data area, but the async completion callbacks still reconstruct the
> temporary layout as if seqhi were absent.
> 
> With an async AH implementation selected, that makes AH copy or compare
> the wrong bytes on both the IPv4 and IPv6 paths. In UML repro on IPv4 AH
> with ESN and forced async hmac(sha1), ping fails with 100% packet loss,
> and the callback logs show the pre-fix drift:
> 
>   ah4 output_done: esn=1 err=0 icv_off=20 expected_off=24
>   ah4 input_done: esn=1 auth_off=20 expected_auth_off=24 icv_off=32 expected_icv_off=36
> 
> Reconstruct the callback-side layout the same way the setup path built it
> by skipping the ESN seqhi slot before locating the saved auth_data or ICV.
> Per RFC 4302, the ESN high-order 32 bits participate in the AH ICV
> computation, so the async callbacks must account for the seqhi slot.
> 
> Post-fix, the same IPv4 AH+ESN+forced-async-hmac(sha1) UML repro shows
> the corrected offset (ah4 output_done: esn=1 err=0 icv_off=24
> expected_off=24) and ping succeeds; net/ipv4/ah4.o and net/ipv6/ah6.o
> build clean at W=1. IPv6 AH+ESN was not exercised at runtime, and the
> change has not been tested against a real async hardware AH engine.
> 
> Fixes: d4d573d0334d ("{IPv4,xfrm} Add ESN support for AH egress part")
> Fixes: d8b2a8600b0e ("{IPv4,xfrm} Add ESN support for AH ingress part")
> Fixes: 26dd70c3fad3 ("{IPv6,xfrm} Add ESN support for AH egress part")
> Fixes: 8d6da6f32557 ("{IPv6,xfrm} Add ESN support for AH ingress part")
> Cc: stable@vger.kernel.org
> Assisted-by: Codex:gpt-5-4
> Assisted-by: Claude:claude-opus-4-7
> Signed-off-by: Michael Bommarito <michael.bommarito@gmail.com>

Applied to the ipsec tree, thanks a lot Michael!