esp6: Fix integrity verification when ESN are used

commit a55e23864d381c5a4ef110df94b00b2fe121a70d upstream. When handling inbound packets, the two halves of the sequence number stored on the skb are already in network order. Fixes: 000ae7b2690e ("esp6: Switch to new AEAD interface") Signed-off-by: Tobias Brunner <tobias@strongswan.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Tobias Brunner <tobias@strongswan.org> 2016-11-29 17:05:25 +0100
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-12-10 19:07:26 +0100
commit: 52783ada69b4741cf0122bd593493cc6c3217b9b (patch)
tree: 88b41e037a4fccd5c00b4402cbfbdd2e5575bd29
parent: 3bf28ce9c7499477aff4e6ecf07071978c2cabcf (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 060a60b2f8a6..111ba55fd512 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -418,7 +418,7 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
 		esph = (void *)skb_push(skb, 4);
 		*seqhi = esph->spi;
 		esph->spi = esph->seq_no;
-		esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.input.hi);
+		esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
 		aead_request_set_callback(req, 0, esp_input_done_esn, skb);
 	}
author	Tobias Brunner <tobias@strongswan.org>	2016-11-29 17:05:25 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2016-12-10 19:07:26 +0100
commit	52783ada69b4741cf0122bd593493cc6c3217b9b (patch)
tree	88b41e037a4fccd5c00b4402cbfbdd2e5575bd29
parent	3bf28ce9c7499477aff4e6ecf07071978c2cabcf (diff)