diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2015-05-13 09:26:10 +0200 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2015-05-13 09:34:53 +0200 |
commit | 64aa42338e9a88c139b89797163714f0f95f3c6b (patch) | |
tree | 512567243de7083143af3fa1d4511c790d0e43a6 /net | |
parent | xfrm: fix a race in xfrm_state_lookup_byspi (diff) | |
download | linux-64aa42338e9a88c139b89797163714f0f95f3c6b.tar.xz linux-64aa42338e9a88c139b89797163714f0f95f3c6b.zip |
esp4: Use high-order sequence number bits for IV generation
I noticed we were only using the low-order bits for IV generation
when ESN is enabled. This is very bad because it means that the
IV can repeat. We must use the full 64 bits.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/esp4.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index 421a80b09b62..30b544f025ac 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -256,7 +256,8 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb) aead_givcrypt_set_crypt(req, sg, sg, clen, iv); aead_givcrypt_set_assoc(req, asg, assoclen); aead_givcrypt_set_giv(req, esph->enc_data, - XFRM_SKB_CB(skb)->seq.output.low); + XFRM_SKB_CB(skb)->seq.output.low + + ((u64)XFRM_SKB_CB(skb)->seq.output.hi << 32)); ESP_SKB_CB(skb)->tmp = tmp; err = crypto_aead_givencrypt(req); |