aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorSteffen Klassert <steffen.klassert@secunet.com>2011-03-07 19:06:31 -0500
committerDavid S. Miller <davem@davemloft.net>2011-03-13 23:22:28 -0400
commit1ce3644ade9c865c755bf0f6a4e109b7bb6eb60f (patch)
tree14ce0727337a43d1fa28432d01189d1a5f4269c7 /net
parent9736acf395d3608583a7be70f62800b494fa103c (diff)
xfrm: Use separate low and high order bits of the sequence numbers in xfrm_skb_cb
To support IPsec extended sequence numbers, we split the output sequence numbers of xfrm_skb_cb in low and high order 32 bits and we add the high order 32 bits to the input sequence numbers. All users are updated accordingly. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/ah4.c2
-rw-r--r--net/ipv4/esp4.c4
-rw-r--r--net/ipv6/ah6.c2
-rw-r--r--net/ipv6/esp6.c4
-rw-r--r--net/xfrm/xfrm_input.c4
-rw-r--r--net/xfrm/xfrm_output.c2
6 files changed, 9 insertions, 9 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
index 325053df6e70..4286fd3cc0e2 100644
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -208,7 +208,7 @@ static int ah_output(struct xfrm_state *x, struct sk_buff *skb)
208 208
209 ah->reserved = 0; 209 ah->reserved = 0;
210 ah->spi = x->id.spi; 210 ah->spi = x->id.spi;
211 ah->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output); 211 ah->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output.low);
212 212
213 sg_init_table(sg, nfrags); 213 sg_init_table(sg, nfrags);
214 skb_to_sgvec(skb, sg, 0, skb->len); 214 skb_to_sgvec(skb, sg, 0, skb->len);
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index e42a905180f0..882dbbb7d799 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -215,7 +215,7 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb)
215 } 215 }
216 216
217 esph->spi = x->id.spi; 217 esph->spi = x->id.spi;
218 esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output); 218 esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output.low);
219 219
220 sg_init_table(sg, nfrags); 220 sg_init_table(sg, nfrags);
221 skb_to_sgvec(skb, sg, 221 skb_to_sgvec(skb, sg,
@@ -227,7 +227,7 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb)
227 aead_givcrypt_set_crypt(req, sg, sg, clen, iv); 227 aead_givcrypt_set_crypt(req, sg, sg, clen, iv);
228 aead_givcrypt_set_assoc(req, asg, sizeof(*esph)); 228 aead_givcrypt_set_assoc(req, asg, sizeof(*esph));
229 aead_givcrypt_set_giv(req, esph->enc_data, 229 aead_givcrypt_set_giv(req, esph->enc_data,
230 XFRM_SKB_CB(skb)->seq.output); 230 XFRM_SKB_CB(skb)->seq.output.low);
231 231
232 ESP_SKB_CB(skb)->tmp = tmp; 232 ESP_SKB_CB(skb)->tmp = tmp;
233 err = crypto_aead_givencrypt(req); 233 err = crypto_aead_givencrypt(req);
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index 1aba54ae53c4..2195ae651923 100644
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -409,7 +409,7 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
409 409
410 ah->reserved = 0; 410 ah->reserved = 0;
411 ah->spi = x->id.spi; 411 ah->spi = x->id.spi;
412 ah->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output); 412 ah->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output.low);
413 413
414 sg_init_table(sg, nfrags); 414 sg_init_table(sg, nfrags);
415 skb_to_sgvec(skb, sg, 0, skb->len); 415 skb_to_sgvec(skb, sg, 0, skb->len);
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 1b5c9825743b..c7b5d5ee0dee 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -204,7 +204,7 @@ static int esp6_output(struct xfrm_state *x, struct sk_buff *skb)
204 *skb_mac_header(skb) = IPPROTO_ESP; 204 *skb_mac_header(skb) = IPPROTO_ESP;
205 205
206 esph->spi = x->id.spi; 206 esph->spi = x->id.spi;
207 esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output); 207 esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.output.low);
208 208
209 sg_init_table(sg, nfrags); 209 sg_init_table(sg, nfrags);
210 skb_to_sgvec(skb, sg, 210 skb_to_sgvec(skb, sg,
@@ -216,7 +216,7 @@ static int esp6_output(struct xfrm_state *x, struct sk_buff *skb)
216 aead_givcrypt_set_crypt(req, sg, sg, clen, iv); 216 aead_givcrypt_set_crypt(req, sg, sg, clen, iv);
217 aead_givcrypt_set_assoc(req, asg, sizeof(*esph)); 217 aead_givcrypt_set_assoc(req, asg, sizeof(*esph));
218 aead_givcrypt_set_giv(req, esph->enc_data, 218 aead_givcrypt_set_giv(req, esph->enc_data,
219 XFRM_SKB_CB(skb)->seq.output); 219 XFRM_SKB_CB(skb)->seq.output.low);
220 220
221 ESP_SKB_CB(skb)->tmp = tmp; 221 ESP_SKB_CB(skb)->tmp = tmp;
222 err = crypto_aead_givencrypt(req); 222 err = crypto_aead_givencrypt(req);
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index 45f1c98d4fce..b173b7fdc433 100644
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@@ -118,7 +118,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
118 if (encap_type < 0) { 118 if (encap_type < 0) {
119 async = 1; 119 async = 1;
120 x = xfrm_input_state(skb); 120 x = xfrm_input_state(skb);
121 seq = XFRM_SKB_CB(skb)->seq.input; 121 seq = XFRM_SKB_CB(skb)->seq.input.low;
122 goto resume; 122 goto resume;
123 } 123 }
124 124
@@ -184,7 +184,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
184 184
185 spin_unlock(&x->lock); 185 spin_unlock(&x->lock);
186 186
187 XFRM_SKB_CB(skb)->seq.input = seq; 187 XFRM_SKB_CB(skb)->seq.input.low = seq;
188 188
189 nexthdr = x->type->input(x, skb); 189 nexthdr = x->type->input(x, skb);
190 190
diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
index 64f2ae1fdc15..4b63776a0264 100644
--- a/net/xfrm/xfrm_output.c
+++ b/net/xfrm/xfrm_output.c
@@ -68,7 +68,7 @@ static int xfrm_output_one(struct sk_buff *skb, int err)
68 } 68 }
69 69
70 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { 70 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) {
71 XFRM_SKB_CB(skb)->seq.output = ++x->replay.oseq; 71 XFRM_SKB_CB(skb)->seq.output.low = ++x->replay.oseq;
72 if (unlikely(x->replay.oseq == 0)) { 72 if (unlikely(x->replay.oseq == 0)) {
73 XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATESEQERROR); 73 XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATESEQERROR);
74 x->replay.oseq--; 74 x->replay.oseq--;