]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blobdiff - net/ipv6/ah6.c
projects / mirror_ubuntu-bionic-kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[IPSEC] proto: Move transport mode input path into xfrm_mode_transport
[mirror_ubuntu-bionic-kernel.git] / net / ipv6 / ah6.c
diff --git a/net/ipv6/ah6.c b/net/ipv6/ah6.c
index c7932cb420a5c91987fa4034abacee84c1ffb76b..d31c0d6c04488c90cf7c8972851c9f526aa1f1f0 100644 (file)
--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -213,6 +213,7 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
        ah->reserved = 0;
        ah->spi = x->id.spi;
        ah->seq_no = htonl(++x->replay.oseq);
+       xfrm_aevent_doreplay(x);
        ahp->icv(ahp, skb, ah->auth_data);
 
        err = 0;
@@ -228,7 +229,7 @@ error:
        return err;
 }
 
-static int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struct sk_buff *skb)
+static int ah6_input(struct xfrm_state *x, struct sk_buff *skb)
 {
        /*
         * Before process AH
@@ -279,7 +280,7 @@ static int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struc
                goto out;
        memcpy(tmp_hdr, skb->nh.raw, hdr_len);
        if (ipv6_clear_mutable_options(skb->nh.ipv6h, hdr_len))
-               goto out;
+               goto free_out;
        skb->nh.ipv6h->priority    = 0;
        skb->nh.ipv6h->flow_lbl[0] = 0;
        skb->nh.ipv6h->flow_lbl[1] = 0;
@@ -291,7 +292,7 @@ static int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struc
 
                memcpy(auth_data, ah->auth_data, ahp->icv_trunc_len);
                memset(ah->auth_data, 0, ahp->icv_trunc_len);
-               skb_push(skb, skb->data - skb->nh.raw);
+               skb_push(skb, hdr_len);
                ahp->icv(ahp, skb, ah->auth_data);
                if (memcmp(ah->auth_data, auth_data, ahp->icv_trunc_len)) {
                        LIMIT_NETDEBUG(KERN_WARNING "ipsec ah authentication error\n");
@@ -300,12 +301,8 @@ static int ah6_input(struct xfrm_state *x, struct xfrm_decap_state *decap, struc
                }
        }
 
-       skb->nh.raw = skb_pull(skb, ah_hlen);
-       memcpy(skb->nh.raw, tmp_hdr, hdr_len);
-       skb->nh.ipv6h->payload_len = htons(skb->len - sizeof(struct ipv6hdr));
-       skb_pull(skb, hdr_len);
-       skb->h.raw = skb->data;
-
+       skb->h.raw = memcpy(skb->nh.raw += ah_hlen, tmp_hdr, hdr_len);
+       __skb_pull(skb, ah_hlen + hdr_len);
 
        kfree(tmp_hdr);
 
@@ -353,12 +350,10 @@ static int ah6_init_state(struct xfrm_state *x)
        if (x->encap)
                goto error;
 
-       ahp = kmalloc(sizeof(*ahp), GFP_KERNEL);
+       ahp = kzalloc(sizeof(*ahp), GFP_KERNEL);
        if (ahp == NULL)
                return -ENOMEM;
 
-       memset(ahp, 0, sizeof(*ahp));
-
        ahp->key = x->aalg->alg_key;
        ahp->key_len = (x->aalg->alg_key_len+7)/8;
        ahp->tfm = crypto_alloc_tfm(x->aalg->alg_name, 0);
ubuntu-bionic-kernel mirror