diff options
| author | Herbert Xu <herbert@gondor.apana.org.au> | 2015-05-13 03:27:18 -0400 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2015-05-13 03:34:54 -0400 |
| commit | 6d7258ca937027ae86d6d5938d7ae10b6d68f4a4 (patch) | |
| tree | 2e7d96cc6907f5e7468910f33f98377b2afbe55e /net | |
| parent | 64aa42338e9a88c139b89797163714f0f95f3c6b (diff) | |
esp6: Use high-order sequence number bits for IV generation
I noticed we were only using the low-order bits for IV generation
when ESN is enabled. This is very bad because it means that the
IV can repeat. We must use the full 64 bits.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv6/esp6.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index 31f1b5d5e2ef..7c07ce36aae2 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c | |||
| @@ -248,7 +248,8 @@ static int esp6_output(struct xfrm_state *x, struct sk_buff *skb) | |||
| 248 | aead_givcrypt_set_crypt(req, sg, sg, clen, iv); | 248 | aead_givcrypt_set_crypt(req, sg, sg, clen, iv); |
| 249 | aead_givcrypt_set_assoc(req, asg, assoclen); | 249 | aead_givcrypt_set_assoc(req, asg, assoclen); |
| 250 | aead_givcrypt_set_giv(req, esph->enc_data, | 250 | aead_givcrypt_set_giv(req, esph->enc_data, |
| 251 | XFRM_SKB_CB(skb)->seq.output.low); | 251 | XFRM_SKB_CB(skb)->seq.output.low + |
| 252 | ((u64)XFRM_SKB_CB(skb)->seq.output.hi << 32)); | ||
| 252 | 253 | ||
| 253 | ESP_SKB_CB(skb)->tmp = tmp; | 254 | ESP_SKB_CB(skb)->tmp = tmp; |
| 254 | err = crypto_aead_givencrypt(req); | 255 | err = crypto_aead_givencrypt(req); |