]> err.no Git - linux-2.6/commitdiff
[IPSEC]: Return EOVERFLOW when output sequence number overflows
authorHerbert Xu <herbert@gondor.apana.org.au>
Wed, 2 Jan 2008 07:52:59 +0000 (23:52 -0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 28 Jan 2008 23:00:32 +0000 (15:00 -0800)
Previously we made it an error on the output path if the sequence number
overflowed.  However we did not set the err variable accordingly.  This
patch sets err to -EOVERFLOW in that case.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/xfrm/xfrm_output.c

index 81ad8eb2b283d1e8006af5cb435dc9726a94182c..f4a1047a55737929efd37f989c53fc18adea6b53 100644 (file)
@@ -66,6 +66,7 @@ static int xfrm_output_one(struct sk_buff *skb, int err)
                        if (unlikely(x->replay.oseq == 0)) {
                                x->replay.oseq--;
                                xfrm_audit_state_replay_overflow(x, skb);
+                               err = -EOVERFLOW;
                                goto error;
                        }
                        if (xfrm_aevent_is_on())