diff mbox

esp4: Use high-order sequence number bits for IV generation

Message ID 20150513072610.GA27424@gondor.apana.org.au
State Awaiting Upstream, archived
Delegated to: David Miller

Commit Message

Herbert Xu May 13, 2015, 7:26 a.m. UTC
I noticed we were only using the low-order bits for IV generation
when ESN is enabled.  This is very bad because it means that the
IV can repeat.  We must use the full 64 bits.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
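To make the bug concrete, here is an added illustration (not kernel code and not part of Herbert's patch). It models the split 64-bit extended sequence number as a constructed stand-in type, `struct esn_seq`, whose `low`/`hi` halves play the role of `XFRM_SKB_CB(skb)->seq.output.low` and `.hi`, and derives the 64-bit seed handed to the IV generator both the old way (low word only, the `-` line of the patch) and the new way (both halves, the `+` lines). The sample packet sequence, the `esn_advance` helper and the two `iv_seed_*` functions are assumptions for the example; what the IV generator does downstream with the seed is not modelled, only the fact that a deterministic generator fed the same seed twice produces the same IV twice:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the kernel's split 64-bit extended sequence
 * number: low and high 32-bit halves carried separately, like
 * XFRM_SKB_CB(skb)->seq.output.low and .hi. Not a kernel type. */
struct esn_seq {
	uint32_t low;
	uint32_t hi;
};

/* Step the counter as a 64-bit number: bump the low word and carry into
 * the high word when the low word wraps to zero. */
static void esn_advance(struct esn_seq *s)
{
	if (++s->low == 0)
		s->hi++;
}

/* Seed handed to the IV generator before the patch (the "-" line): only
 * the low word, implicitly zero-extended to 64 bits. */
static uint64_t iv_seed_low_only(const struct esn_seq *s)
{
	return (uint64_t)s->low;
}

/* Seed after the patch (the "+" lines): both halves combined. '+' and '|'
 * give the same result here because low zero-extends to 64 bits and
 * hi << 32 has an all-zero low word. */
static uint64_t iv_seed_full(const struct esn_seq *s)
{
	return s->low + ((uint64_t)s->hi << 32);
}

/* Count entries of seqs[] whose seed equals the seed of an earlier entry
 * under the given derivation. A deterministic IV generator fed the same
 * seed twice emits the same IV twice, so any nonzero count is IV reuse. */
static size_t count_repeats(const struct esn_seq *seqs, size_t n,
			    uint64_t (*derive)(const struct esn_seq *))
{
	size_t repeats = 0;

	for (size_t i = 0; i < n; i++) {
		uint64_t seed = derive(&seqs[i]);

		for (size_t j = 0; j < i; j++) {
			if (derive(&seqs[j]) == seed) {
				repeats++;
				break;
			}
		}
	}
	return repeats;
}

/* Constructed sample of eight packet sequence numbers: five straddling
 * the first wrap of the low word, then three one full low-word period
 * (2^32 packets) later, straddling the second wrap. The second group has
 * the same low words as the first but a different high word. */
static size_t sample_repeats(uint64_t (*derive)(const struct esn_seq *))
{
	struct esn_seq sample[8];
	struct esn_seq s = { .low = 0xFFFFFFFEu, .hi = 0 };
	size_t n = 0;

	for (int i = 0; i < 5; i++) {
		sample[n++] = s;
		esn_advance(&s);
	}
	s.low = 0xFFFFFFFEu;
	s.hi = 1;
	for (int i = 0; i < 3; i++) {
		sample[n++] = s;
		esn_advance(&s);
	}
	return count_repeats(sample, n, derive);
}

int main(void)
{
	printf("repeated IV seeds, low word only: %zu\n",
	       sample_repeats(iv_seed_low_only));
	printf("repeated IV seeds, full 64 bits:  %zu\n",
	       sample_repeats(iv_seed_full));
	return 0;
}
```

With the low word alone, the three packets sent one low-word period later collide with the three sent around the first wrap; with the full 64-bit value every packet gets a distinct seed, which is the property an ESN sequence number exists to provide.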

Comments

Steffen Klassert May 13, 2015, 10:18 a.m. UTC | #1
On Wed, May 13, 2015 at 03:26:10PM +0800, Herbert Xu wrote:
> I noticed we were only using the low-order bits for IV generation
> when ESN is enabled.  This is very bad because it means that the
> IV can repeat.  We must use the full 64 bits.

Ugh. This is bad, indeed.

> 
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Patch applied to the ipsec tree, thanks!

Patch

diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index 421a80b..30b544f 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -256,7 +256,8 @@  static int esp_output(struct xfrm_state *x, struct sk_buff *skb)
 	aead_givcrypt_set_crypt(req, sg, sg, clen, iv);
 	aead_givcrypt_set_assoc(req, asg, assoclen);
 	aead_givcrypt_set_giv(req, esph->enc_data,
-			      XFRM_SKB_CB(skb)->seq.output.low);
+			      XFRM_SKB_CB(skb)->seq.output.low +
+			      ((u64)XFRM_SKB_CB(skb)->seq.output.hi << 32));
 
 	ESP_SKB_CB(skb)->tmp = tmp;
 	err = crypto_aead_givencrypt(req);
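Review bot: no Fixes: or Cc: stable line accompanies this hunk even though the commit message says the IV can repeat under ESN; a repeating IV under one key is a cryptographic failure rather than a functional one, so please add `Cc: stable@vger.kernel.org` so the fix is backported. On the assembled value, `XFRM_SKB_CB(skb)->seq.output.low + ((u64)XFRM_SKB_CB(skb)->seq.output.hi << 32)` is correct only because `low` is a 32-bit field that zero-extends before the addition; writing the combination with `|` states the intent (two disjoint 32-bit halves) more plainly and cannot silently go wrong if the field width ever changes. Two things to confirm outside this hunk: that `seq.output.hi` is zeroed on the non-ESN output path, so the non-ESN IV is unchanged by this, and whether net/ipv6/esp6.c carries the same `aead_givcrypt_set_giv(..., seq.output.low)` call and needs the same change, since only esp4.c is touched here.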