esp4: Use high-order sequence number bits for IV generation

I noticed we were only using the low-order bits for IV generation when ESN is enabled. This is very bad because it means that the IV can repeat. We must use the full 64 bits. Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: N Steffen Klassert <steffen.klassert@secunet.com>

esp4: Use high-order sequence number bits for IV generation
I noticed we were only using the low-order bits for IV generation when ESN is enabled. This is very bad because it means that the IV can repeat. We must use the full 64 bits. Signed-off-by: N Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: N Steffen Klassert <steffen.klassert@secunet.com>
64aa4233 · Herbert Xu · Steffen Klassert · bdddbf69 · 64aa4233
隐藏空白更改
内联并排

Showing with 2 addition and 1 deletion

net/ipv4/esp4.c net/ipv4/esp4.c +2 -1

未找到文件。
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -256,7 +256,8 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb)
 	aead_givcrypt_set_crypt(req, sg, sg, clen, iv);
 	aead_givcrypt_set_assoc(req, asg, assoclen);
 	aead_givcrypt_set_giv(req, esph->enc_data,
-			      XFRM_SKB_CB(skb)->seq.output.low);
+			      XFRM_SKB_CB(skb)->seq.output.low +
+			      ((u64)XFRM_SKB_CB(skb)->seq.output.hi << 32));

 	ESP_SKB_CB(skb)->tmp = tmp;
 	err = crypto_aead_givencrypt(req);