| From foo@baz Thu Nov 9 09:48:01 CET 2017 |
| From: Gilad Ben-Yossef <gilad@benyossef.com> |
| Date: Mon, 16 Jan 2017 13:17:55 +0200 |
| Subject: IPsec: do not ignore crypto err in ah4 input |
| |
| From: Gilad Ben-Yossef <gilad@benyossef.com> |
| |
| |
| [ Upstream commit ebd89a2d0675f1325c2be5b7576fd8cb7e8defd0 ] |
| |
| ah4 input processing uses the asynchronous hash crypto API which |
| supplies an error code as part of the operation completion but |
| the error code was being ignored. |
| |
| Treat a crypto API error indication as a verification failure. |
| |
| While a crypto API reported error would almost certainly result |
| in a memcpy of the digest failing anyway and thus the security |
| risk seems minor, performing a memory compare on what might be |
| uninitialized memory is wrong. |
| |
| Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> |
| Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> |
| Signed-off-by: Sasha Levin <alexander.levin@verizon.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/ipv4/ah4.c | 3 +++ |
| 1 file changed, 3 insertions(+) |
| |
| --- a/net/ipv4/ah4.c |
| +++ b/net/ipv4/ah4.c |
| @@ -270,6 +270,9 @@ static void ah_input_done(struct crypto_ |
| int ihl = ip_hdrlen(skb); |
| int ah_hlen = (ah->hdrlen + 2) << 2; |
| |
| + if (err) |
| + goto out; |
| + |
| work_iph = AH_SKB_CB(skb)->tmp; |
| auth_data = ah_tmp_auth(work_iph, ihl); |
| icv = ah_tmp_icv(ahp->ahash, auth_data, ahp->icv_trunc_len); |
