diff options
| author | Janne Peltonen <janne.peltonen@nokia.com> | 2023-03-06 15:20:46 +0200 |
|---|---|---|
| committer | Matias Elo <matias.elo@nokia.com> | 2023-03-07 09:53:24 +0200 |
| commit | a2f8e2e25a0c3cdf1c2f26333865b2c114d85852 (patch) | |
| tree | 5590888c8497d3cdde0d4e5c2aa93ddeec836718 /platform/linux-generic/pktio/loop.c | |
| parent | 4d30b84d7bd94aa1f2972e91f092b9e936fa3e7b (diff) | |
linux-gen: loop: fix use of stale pkt_hdr after inline ipsec
Inline IPsec processing in _odp_ipsec_try_inline() may change the packet
handle, but the calling code in the loop pktio is not prepared for it
and may end up accessing packet header through a stale pointer. Currently
this can happen when odp_packet_trunc_head is used to strip IPsec headers
from a suitably segmented packet, but other cases (such as use of the basic
crypto op type in IPsec) may arise later.
Fix the problem by reinitializing the packet header pointer after inline
IPsec processing.
Signed-off-by: Janne Peltonen <janne.peltonen@nokia.com>
Reviewed-by: Matias Elo <matias.elo@nokia.com>
Diffstat (limited to 'platform/linux-generic/pktio/loop.c')
| -rw-r--r-- | platform/linux-generic/pktio/loop.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/platform/linux-generic/pktio/loop.c b/platform/linux-generic/pktio/loop.c index a69daf56b..849a63c55 100644 --- a/platform/linux-generic/pktio/loop.c +++ b/platform/linux-generic/pktio/loop.c @@ -336,8 +336,10 @@ static int loopback_recv(pktio_entry_t *pktio_entry, int index, odp_packet_t pkt /* Try IPsec inline processing */ if (pktio_entry->config.inbound_ipsec && !pkt_hdr->p.flags.ip_err && - odp_packet_has_ipsec(pkt)) + odp_packet_has_ipsec(pkt)) { _odp_ipsec_try_inline(&pkt); + pkt_hdr = packet_hdr(pkt); + } if (!pkt_hdr->p.flags.all.error) { octets += pkt_len; |