diff options
author | Antony Antony <antony@phenome.org> | 2017-12-07 21:54:27 +0100 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2017-12-08 07:39:30 +0100 |
commit | 75bf50f4aaa1c78d769d854ab3d975884909e4fb (patch) | |
tree | 70ac8bc601abebba2d004cf27e91830fbaf7401f /net/xfrm | |
parent | xfrm: Fix stack-out-of-bounds read on socket policy lookup. (diff) | |
download | linux-75bf50f4aaa1c78d769d854ab3d975884909e4fb.tar.xz linux-75bf50f4aaa1c78d769d854ab3d975884909e4fb.zip |
xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM)
copy geniv when cloning the xfrm state.
x->geniv was not copied to the new state and migration would fail.
xfrm_do_migrate
..
xfrm_state_clone()
..
..
esp_init_aead()
crypto_alloc_aead()
crypto_alloc_tfm()
crypto_find_alg() return EAGAIN and failed
Signed-off-by: Antony Antony <antony@phenome.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/xfrm')
-rw-r--r-- | net/xfrm/xfrm_state.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 1f5cee2269af..88d0a563e141 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -1344,6 +1344,7 @@ static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, if (orig->aead) { x->aead = xfrm_algo_aead_clone(orig->aead); + x->geniv = orig->geniv; if (!x->aead) goto error; } |