From patchwork Tue Nov 29 16:05:25 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobias Brunner <tobias@strongswan.org>
X-Patchwork-Id: 700625
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3tSpTx2C00z9t1B
	for <patchwork-incoming@ozlabs.org>;
	Wed, 30 Nov 2016 03:12:21 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751015AbcK2QMQ (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Tue, 29 Nov 2016 11:12:16 -0500
Received: from sitav-80046.hsr.ch ([152.96.80.46]:42401 "EHLO
	mail.strongswan.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751223AbcK2QMJ (ORCPT
	<rfc822;netdev@vger.kernel.org>); Tue, 29 Nov 2016 11:12:09 -0500
Received: from [192.168.2.100] (pub082136097193.dh-hfc.datazug.ch
	[82.136.97.193])
	by mail.strongswan.org (Postfix) with ESMTPSA id AC74540222;
	Tue, 29 Nov 2016 17:05:39 +0100 (CET)
To: "David S. Miller" <davem@davemloft.net>,
	Herbert Xu <herbert@gondor.apana.org.au>
From: Tobias Brunner <tobias@strongswan.org>
Subject: [PATCH net 2/2] esp6: Fix integrity verification when ESN are used
Cc: Steffen Klassert <steffen.klassert@secunet.com>, netdev@vger.kernel.org
Message-ID: <f3c5eaa5-d1a3-cc7a-1bd8-20fa2c961770@strongswan.org>
Date: Tue, 29 Nov 2016 17:05:25 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
	Thunderbird/45.4.0
MIME-Version: 1.0
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

When handling inbound packets, the two halves of the sequence number
stored on the skb are already in network order.

Fixes: 000ae7b2690e ("esp6: Switch to new AEAD interface")
Signed-off-by: Tobias Brunner <tobias@strongswan.org>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 net/ipv6/esp6.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 060a60b2f8a6..111ba55fd512 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -418,7 +418,7 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
 		esph = (void *)skb_push(skb, 4);
 		*seqhi = esph->spi;
 		esph->spi = esph->seq_no;
-		esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.input.hi);
+		esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
 		aead_request_set_callback(req, 0, esp_input_done_esn, skb);
 	}