Lines Matching +full:output +full:- +full:low
1 // SPDX-License-Identifier: GPL-2.0-only
3 * xfrm_replay.c - xfrm replay detection, derived from xfrm_state.c.
15 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_seqhi()
17 if (!(x->props.flags & XFRM_STATE_ESN)) in xfrm_replay_seqhi()
21 seq_hi = replay_esn->seq_hi; in xfrm_replay_seqhi()
22 bottom = replay_esn->seq - replay_esn->replay_window + 1; in xfrm_replay_seqhi()
24 if (likely(replay_esn->seq >= replay_esn->replay_window - 1)) { in xfrm_replay_seqhi()
31 seq_hi--; in xfrm_replay_seqhi()
43 * is at least x->replay_maxdiff, in this case we also update the in xfrm_replay_notify()
45 * 2. if x->replay_maxage has elapsed since last update, in xfrm_replay_notify()
53 if (!x->replay_maxdiff || in xfrm_replay_notify()
54 ((x->replay.seq - x->preplay.seq < x->replay_maxdiff) && in xfrm_replay_notify()
55 (x->replay.oseq - x->preplay.oseq < x->replay_maxdiff))) { in xfrm_replay_notify()
56 if (x->xflags & XFRM_TIME_DEFER) in xfrm_replay_notify()
65 if (memcmp(&x->replay, &x->preplay, in xfrm_replay_notify()
67 x->xflags |= XFRM_TIME_DEFER; in xfrm_replay_notify()
74 memcpy(&x->preplay, &x->replay, sizeof(struct xfrm_replay_state)); in xfrm_replay_notify()
79 if (x->replay_maxage && in xfrm_replay_notify()
80 !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) in xfrm_replay_notify()
81 x->xflags &= ~XFRM_TIME_DEFER; in xfrm_replay_notify()
89 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { in xfrm_replay_overflow()
90 XFRM_SKB_CB(skb)->seq.output.low = ++x->replay.oseq; in xfrm_replay_overflow()
91 XFRM_SKB_CB(skb)->seq.output.hi = 0; in xfrm_replay_overflow()
92 if (unlikely(x->replay.oseq == 0) && in xfrm_replay_overflow()
93 !(x->props.extra_flags & XFRM_SA_XFLAG_OSEQ_MAY_WRAP)) { in xfrm_replay_overflow()
94 x->replay.oseq--; in xfrm_replay_overflow()
96 err = -EOVERFLOW; in xfrm_replay_overflow()
101 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_overflow()
113 if (!x->props.replay_window) in xfrm_replay_check()
119 if (likely(seq > x->replay.seq)) in xfrm_replay_check()
122 diff = x->replay.seq - seq; in xfrm_replay_check()
123 if (diff >= x->props.replay_window) { in xfrm_replay_check()
124 x->stats.replay_window++; in xfrm_replay_check()
128 if (x->replay.bitmap & (1U << diff)) { in xfrm_replay_check()
129 x->stats.replay++; in xfrm_replay_check()
136 return -EINVAL; in xfrm_replay_check()
144 if (!x->props.replay_window) in xfrm_replay_advance()
147 if (seq > x->replay.seq) { in xfrm_replay_advance()
148 diff = seq - x->replay.seq; in xfrm_replay_advance()
149 if (diff < x->props.replay_window) in xfrm_replay_advance()
150 x->replay.bitmap = ((x->replay.bitmap) << diff) | 1; in xfrm_replay_advance()
152 x->replay.bitmap = 1; in xfrm_replay_advance()
153 x->replay.seq = seq; in xfrm_replay_advance()
155 diff = x->replay.seq - seq; in xfrm_replay_advance()
156 x->replay.bitmap |= (1U << diff); in xfrm_replay_advance()
160 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_advance()
166 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_overflow_bmp()
169 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { in xfrm_replay_overflow_bmp()
170 XFRM_SKB_CB(skb)->seq.output.low = ++replay_esn->oseq; in xfrm_replay_overflow_bmp()
171 XFRM_SKB_CB(skb)->seq.output.hi = 0; in xfrm_replay_overflow_bmp()
172 if (unlikely(replay_esn->oseq == 0) && in xfrm_replay_overflow_bmp()
173 !(x->props.extra_flags & XFRM_SA_XFLAG_OSEQ_MAY_WRAP)) { in xfrm_replay_overflow_bmp()
174 replay_esn->oseq--; in xfrm_replay_overflow_bmp()
176 err = -EOVERFLOW; in xfrm_replay_overflow_bmp()
181 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_overflow_bmp()
191 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_check_bmp()
194 u32 diff = replay_esn->seq - seq; in xfrm_replay_check_bmp()
196 if (!replay_esn->replay_window) in xfrm_replay_check_bmp()
202 if (likely(seq > replay_esn->seq)) in xfrm_replay_check_bmp()
205 if (diff >= replay_esn->replay_window) { in xfrm_replay_check_bmp()
206 x->stats.replay_window++; in xfrm_replay_check_bmp()
210 pos = (replay_esn->seq - 1) % replay_esn->replay_window; in xfrm_replay_check_bmp()
213 bitnr = (pos - diff) % replay_esn->replay_window; in xfrm_replay_check_bmp()
215 bitnr = replay_esn->replay_window - (diff - pos); in xfrm_replay_check_bmp()
219 if (replay_esn->bmp[nr] & (1U << bitnr)) in xfrm_replay_check_bmp()
225 x->stats.replay++; in xfrm_replay_check_bmp()
228 return -EINVAL; in xfrm_replay_check_bmp()
235 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_advance_bmp()
239 if (!replay_esn->replay_window) in xfrm_replay_advance_bmp()
242 pos = (replay_esn->seq - 1) % replay_esn->replay_window; in xfrm_replay_advance_bmp()
244 if (seq > replay_esn->seq) { in xfrm_replay_advance_bmp()
245 diff = seq - replay_esn->seq; in xfrm_replay_advance_bmp()
247 if (diff < replay_esn->replay_window) { in xfrm_replay_advance_bmp()
249 bitnr = (pos + i) % replay_esn->replay_window; in xfrm_replay_advance_bmp()
252 replay_esn->bmp[nr] &= ~(1U << bitnr); in xfrm_replay_advance_bmp()
255 nr = (replay_esn->replay_window - 1) >> 5; in xfrm_replay_advance_bmp()
257 replay_esn->bmp[i] = 0; in xfrm_replay_advance_bmp()
260 bitnr = (pos + diff) % replay_esn->replay_window; in xfrm_replay_advance_bmp()
261 replay_esn->seq = seq; in xfrm_replay_advance_bmp()
263 diff = replay_esn->seq - seq; in xfrm_replay_advance_bmp()
266 bitnr = (pos - diff) % replay_esn->replay_window; in xfrm_replay_advance_bmp()
268 bitnr = replay_esn->replay_window - (diff - pos); in xfrm_replay_advance_bmp()
273 replay_esn->bmp[nr] |= (1U << bitnr); in xfrm_replay_advance_bmp()
276 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_advance_bmp()
282 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_notify_bmp()
283 struct xfrm_replay_state_esn *preplay_esn = x->preplay_esn; in xfrm_replay_notify_bmp()
287 * is at least x->replay_maxdiff, in this case we also update the in xfrm_replay_notify_bmp()
289 * 2. if x->replay_maxage has elapsed since last update, in xfrm_replay_notify_bmp()
297 if (!x->replay_maxdiff || in xfrm_replay_notify_bmp()
298 ((replay_esn->seq - preplay_esn->seq < x->replay_maxdiff) && in xfrm_replay_notify_bmp()
299 (replay_esn->oseq - preplay_esn->oseq in xfrm_replay_notify_bmp()
300 < x->replay_maxdiff))) { in xfrm_replay_notify_bmp()
301 if (x->xflags & XFRM_TIME_DEFER) in xfrm_replay_notify_bmp()
310 if (memcmp(x->replay_esn, x->preplay_esn, in xfrm_replay_notify_bmp()
312 x->xflags |= XFRM_TIME_DEFER; in xfrm_replay_notify_bmp()
319 memcpy(x->preplay_esn, x->replay_esn, in xfrm_replay_notify_bmp()
325 if (x->replay_maxage && in xfrm_replay_notify_bmp()
326 !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) in xfrm_replay_notify_bmp()
327 x->xflags &= ~XFRM_TIME_DEFER; in xfrm_replay_notify_bmp()
334 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_notify_esn()
335 struct xfrm_replay_state_esn *preplay_esn = x->preplay_esn; in xfrm_replay_notify_esn()
339 * is at least x->replay_maxdiff, in this case we also update the in xfrm_replay_notify_esn()
341 * 2. if x->replay_maxage has elapsed since last update, in xfrm_replay_notify_esn()
349 if (x->replay_maxdiff) { in xfrm_replay_notify_esn()
350 if (replay_esn->seq_hi == preplay_esn->seq_hi) in xfrm_replay_notify_esn()
351 seq_diff = replay_esn->seq - preplay_esn->seq; in xfrm_replay_notify_esn()
353 seq_diff = ~preplay_esn->seq + replay_esn->seq in xfrm_replay_notify_esn()
356 if (replay_esn->oseq_hi == preplay_esn->oseq_hi) in xfrm_replay_notify_esn()
357 oseq_diff = replay_esn->oseq in xfrm_replay_notify_esn()
358 - preplay_esn->oseq; in xfrm_replay_notify_esn()
360 oseq_diff = ~preplay_esn->oseq in xfrm_replay_notify_esn()
361 + replay_esn->oseq + 1; in xfrm_replay_notify_esn()
363 if (seq_diff >= x->replay_maxdiff || in xfrm_replay_notify_esn()
364 oseq_diff >= x->replay_maxdiff) in xfrm_replay_notify_esn()
368 if (x->xflags & XFRM_TIME_DEFER) in xfrm_replay_notify_esn()
376 if (memcmp(x->replay_esn, x->preplay_esn, in xfrm_replay_notify_esn()
378 x->xflags |= XFRM_TIME_DEFER; in xfrm_replay_notify_esn()
385 memcpy(x->preplay_esn, x->replay_esn, in xfrm_replay_notify_esn()
391 if (x->replay_maxage && in xfrm_replay_notify_esn()
392 !mod_timer(&x->rtimer, jiffies + x->replay_maxage)) in xfrm_replay_notify_esn()
393 x->xflags &= ~XFRM_TIME_DEFER; in xfrm_replay_notify_esn()
399 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_overflow_esn()
402 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { in xfrm_replay_overflow_esn()
403 XFRM_SKB_CB(skb)->seq.output.low = ++replay_esn->oseq; in xfrm_replay_overflow_esn()
404 XFRM_SKB_CB(skb)->seq.output.hi = replay_esn->oseq_hi; in xfrm_replay_overflow_esn()
406 if (unlikely(replay_esn->oseq == 0)) { in xfrm_replay_overflow_esn()
407 XFRM_SKB_CB(skb)->seq.output.hi = ++replay_esn->oseq_hi; in xfrm_replay_overflow_esn()
409 if (replay_esn->oseq_hi == 0) { in xfrm_replay_overflow_esn()
410 replay_esn->oseq--; in xfrm_replay_overflow_esn()
411 replay_esn->oseq_hi--; in xfrm_replay_overflow_esn()
413 err = -EOVERFLOW; in xfrm_replay_overflow_esn()
419 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_overflow_esn()
430 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_check_esn()
433 u32 wsize = replay_esn->replay_window; in xfrm_replay_check_esn()
434 u32 top = replay_esn->seq; in xfrm_replay_check_esn()
435 u32 bottom = top - wsize + 1; in xfrm_replay_check_esn()
440 if (unlikely(seq == 0 && replay_esn->seq_hi == 0 && in xfrm_replay_check_esn()
441 (replay_esn->seq < replay_esn->replay_window - 1))) in xfrm_replay_check_esn()
444 diff = top - seq; in xfrm_replay_check_esn()
446 if (likely(top >= wsize - 1)) { in xfrm_replay_check_esn()
458 if (diff >= replay_esn->replay_window) { in xfrm_replay_check_esn()
459 x->stats.replay_window++; in xfrm_replay_check_esn()
463 pos = (replay_esn->seq - 1) % replay_esn->replay_window; in xfrm_replay_check_esn()
466 bitnr = (pos - diff) % replay_esn->replay_window; in xfrm_replay_check_esn()
468 bitnr = replay_esn->replay_window - (diff - pos); in xfrm_replay_check_esn()
472 if (replay_esn->bmp[nr] & (1U << bitnr)) in xfrm_replay_check_esn()
478 x->stats.replay++; in xfrm_replay_check_esn()
481 return -EINVAL; in xfrm_replay_check_esn()
487 if (unlikely(XFRM_SKB_CB(skb)->seq.input.hi != in xfrm_replay_recheck_esn()
489 x->stats.replay_window++; in xfrm_replay_recheck_esn()
490 return -EINVAL; in xfrm_replay_recheck_esn()
501 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_advance_esn()
503 if (!replay_esn->replay_window) in xfrm_replay_advance_esn()
507 pos = (replay_esn->seq - 1) % replay_esn->replay_window; in xfrm_replay_advance_esn()
509 wrap = seq_hi - replay_esn->seq_hi; in xfrm_replay_advance_esn()
511 if ((!wrap && seq > replay_esn->seq) || wrap > 0) { in xfrm_replay_advance_esn()
513 diff = seq - replay_esn->seq; in xfrm_replay_advance_esn()
515 diff = ~replay_esn->seq + seq + 1; in xfrm_replay_advance_esn()
517 if (diff < replay_esn->replay_window) { in xfrm_replay_advance_esn()
519 bitnr = (pos + i) % replay_esn->replay_window; in xfrm_replay_advance_esn()
522 replay_esn->bmp[nr] &= ~(1U << bitnr); in xfrm_replay_advance_esn()
525 nr = (replay_esn->replay_window - 1) >> 5; in xfrm_replay_advance_esn()
527 replay_esn->bmp[i] = 0; in xfrm_replay_advance_esn()
530 bitnr = (pos + diff) % replay_esn->replay_window; in xfrm_replay_advance_esn()
531 replay_esn->seq = seq; in xfrm_replay_advance_esn()
534 replay_esn->seq_hi++; in xfrm_replay_advance_esn()
536 diff = replay_esn->seq - seq; in xfrm_replay_advance_esn()
539 bitnr = (pos - diff) % replay_esn->replay_window; in xfrm_replay_advance_esn()
541 bitnr = replay_esn->replay_window - (diff - pos); in xfrm_replay_advance_esn()
548 replay_esn->bmp[nr] |= (1U << bitnr); in xfrm_replay_advance_esn()
551 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_advance_esn()
560 __u32 oseq = x->replay.oseq; in xfrm_replay_overflow_offload()
565 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { in xfrm_replay_overflow_offload()
567 XFRM_SKB_CB(skb)->seq.output.low = ++oseq; in xfrm_replay_overflow_offload()
568 xo->seq.low = oseq; in xfrm_replay_overflow_offload()
570 XFRM_SKB_CB(skb)->seq.output.low = oseq + 1; in xfrm_replay_overflow_offload()
571 xo->seq.low = oseq + 1; in xfrm_replay_overflow_offload()
572 oseq += skb_shinfo(skb)->gso_segs; in xfrm_replay_overflow_offload()
575 XFRM_SKB_CB(skb)->seq.output.hi = 0; in xfrm_replay_overflow_offload()
576 xo->seq.hi = 0; in xfrm_replay_overflow_offload()
577 if (unlikely(oseq < x->replay.oseq) && in xfrm_replay_overflow_offload()
578 !(x->props.extra_flags & XFRM_SA_XFLAG_OSEQ_MAY_WRAP)) { in xfrm_replay_overflow_offload()
580 err = -EOVERFLOW; in xfrm_replay_overflow_offload()
585 x->replay.oseq = oseq; in xfrm_replay_overflow_offload()
588 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_overflow_offload()
598 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_overflow_offload_bmp()
600 __u32 oseq = replay_esn->oseq; in xfrm_replay_overflow_offload_bmp()
605 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { in xfrm_replay_overflow_offload_bmp()
607 XFRM_SKB_CB(skb)->seq.output.low = ++oseq; in xfrm_replay_overflow_offload_bmp()
608 xo->seq.low = oseq; in xfrm_replay_overflow_offload_bmp()
610 XFRM_SKB_CB(skb)->seq.output.low = oseq + 1; in xfrm_replay_overflow_offload_bmp()
611 xo->seq.low = oseq + 1; in xfrm_replay_overflow_offload_bmp()
612 oseq += skb_shinfo(skb)->gso_segs; in xfrm_replay_overflow_offload_bmp()
615 XFRM_SKB_CB(skb)->seq.output.hi = 0; in xfrm_replay_overflow_offload_bmp()
616 xo->seq.hi = 0; in xfrm_replay_overflow_offload_bmp()
617 if (unlikely(oseq < replay_esn->oseq) && in xfrm_replay_overflow_offload_bmp()
618 !(x->props.extra_flags & XFRM_SA_XFLAG_OSEQ_MAY_WRAP)) { in xfrm_replay_overflow_offload_bmp()
620 err = -EOVERFLOW; in xfrm_replay_overflow_offload_bmp()
624 replay_esn->oseq = oseq; in xfrm_replay_overflow_offload_bmp()
628 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_overflow_offload_bmp()
638 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_replay_overflow_offload_esn()
640 __u32 oseq = replay_esn->oseq; in xfrm_replay_overflow_offload_esn()
641 __u32 oseq_hi = replay_esn->oseq_hi; in xfrm_replay_overflow_offload_esn()
646 if (x->type->flags & XFRM_TYPE_REPLAY_PROT) { in xfrm_replay_overflow_offload_esn()
648 XFRM_SKB_CB(skb)->seq.output.low = ++oseq; in xfrm_replay_overflow_offload_esn()
649 XFRM_SKB_CB(skb)->seq.output.hi = oseq_hi; in xfrm_replay_overflow_offload_esn()
650 xo->seq.low = oseq; in xfrm_replay_overflow_offload_esn()
651 xo->seq.hi = oseq_hi; in xfrm_replay_overflow_offload_esn()
653 XFRM_SKB_CB(skb)->seq.output.low = oseq + 1; in xfrm_replay_overflow_offload_esn()
654 XFRM_SKB_CB(skb)->seq.output.hi = oseq_hi; in xfrm_replay_overflow_offload_esn()
655 xo->seq.low = oseq + 1; in xfrm_replay_overflow_offload_esn()
656 xo->seq.hi = oseq_hi; in xfrm_replay_overflow_offload_esn()
657 oseq += skb_shinfo(skb)->gso_segs; in xfrm_replay_overflow_offload_esn()
660 if (unlikely(xo->seq.low < replay_esn->oseq)) { in xfrm_replay_overflow_offload_esn()
661 XFRM_SKB_CB(skb)->seq.output.hi = ++oseq_hi; in xfrm_replay_overflow_offload_esn()
662 xo->seq.hi = oseq_hi; in xfrm_replay_overflow_offload_esn()
663 replay_esn->oseq_hi = oseq_hi; in xfrm_replay_overflow_offload_esn()
664 if (replay_esn->oseq_hi == 0) { in xfrm_replay_overflow_offload_esn()
665 replay_esn->oseq--; in xfrm_replay_overflow_offload_esn()
666 replay_esn->oseq_hi--; in xfrm_replay_overflow_offload_esn()
668 err = -EOVERFLOW; in xfrm_replay_overflow_offload_esn()
674 replay_esn->oseq = oseq; in xfrm_replay_overflow_offload_esn()
677 x->repl->notify(x, XFRM_REPLAY_UPDATE); in xfrm_replay_overflow_offload_esn()
734 struct xfrm_replay_state_esn *replay_esn = x->replay_esn; in xfrm_init_replay()
737 if (replay_esn->replay_window > in xfrm_init_replay()
738 replay_esn->bmp_len * sizeof(__u32) * 8) in xfrm_init_replay()
739 return -EINVAL; in xfrm_init_replay()
741 if (x->props.flags & XFRM_STATE_ESN) { in xfrm_init_replay()
742 if (replay_esn->replay_window == 0) in xfrm_init_replay()
743 return -EINVAL; in xfrm_init_replay()
744 x->repl = &xfrm_replay_esn; in xfrm_init_replay()
746 x->repl = &xfrm_replay_bmp; in xfrm_init_replay()
749 x->repl = &xfrm_replay_legacy; in xfrm_init_replay()