On Tue, Nov 28, 2017 at 11:49:28AM +0200, [email protected] wrote:
> From: Yossef Efraim <[email protected]>
>
> In case of wrap around, replay_esn->oseq_hi is not updated
> before it is tested for it's actual value, leading function
> to fail with overflow indication and packets being dropped.
>
> This patch updates replay_esn->oseq_hi in the right place.
>
> Fixes: d7dbefc45cf5 ("xfrm: Add xfrm_replay_overflow functions for offloading")
> Signed-off-by: Yossef Efraim <[email protected]>
Applied to ipsec-next, thanks!