[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1484565476-19371-1-git-send-email-gilad@benyossef.com>
Date: Mon, 16 Jan 2017 13:17:54 +0200
From: Gilad Ben-Yossef <gilad@...yossef.com>
To: steffen.klassert@...unet.com, herbert@...dor.apana.org.au,
davem@...emloft.net, netdev@...r.kernel.org
Cc: ofir.drang@....com, gilad.benyossef@....com,
Alexander Alemayhu <alexander@...mayhu.com>
Subject: [PATCH ipsec-next v3 0/2] IPsec: do not ignore crypto err in ah input
ah input processing uses the asynchronous hash crypto API which
supplies an error code as part of the operation completion but
the error code was being ignored.
Treat a crypto API error indication as a verification failure.
While a crypto API reported error would almost certainly result
in a memcpy of the digest failing anyway and thus the security
risk seems minor, performing a memory compare on what might be
uninitialized memory is wrong.
Signed-off-by: Gilad Ben-Yossef <gilad@...yossef.com>
CC: Alexander Alemayhu <alexander@...mayhu.com>
---
The change was boot tested on Arm64 but I did not exercise
the specific error code path in question.
Changes from v2:
- Added fix for same problem in IPv6 pointed out by Steffen Klassert
Changes from v1:
- Fixed typo in patch description pointed out by Alexander
Gilad Ben-Yossef (2):
IPsec: do not ignore crypto err in ah4 input
IPsec: do not ignore crypto err in ah6 input
net/ipv4/ah4.c | 3 +++
net/ipv6/ah6.c | 3 +++
2 files changed, 6 insertions(+)
--
2.1.4
Powered by blists - more mailing lists