esp4: Fix integrity verification when ESN are used

commit 7c7fedd51c02f4418e8b2eed64bdab601f882aa4 upstream. When handling inbound packets, the two halves of the sequence number stored on the skb are already in network order. Fixes: 7021b2e1cddd ("esp4: Switch to new AEAD interface") Signed-off-by: Tobias Brunner <tobias@strongswan.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Tobias Brunner <tobias@strongswan.org> 2016-11-29 17:05:20 +0100
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-12-10 19:07:26 +0100
commit: 3bf28ce9c7499477aff4e6ecf07071978c2cabcf (patch)
tree: 488f9d8659201a4ecb37f8caa4677de40b5f4f65
parent: 2176ec1c82eae70a9d43a974455d9bfe3dcd7bd2 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
index d95631d09248..20fb25e3027b 100644
--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -476,7 +476,7 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb)
 		esph = (void *)skb_push(skb, 4);
 		*seqhi = esph->spi;
 		esph->spi = esph->seq_no;
-		esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.input.hi);
+		esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
 		aead_request_set_callback(req, 0, esp_input_done_esn, skb);
 	}
author	Tobias Brunner <tobias@strongswan.org>	2016-11-29 17:05:20 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2016-12-10 19:07:26 +0100
commit	3bf28ce9c7499477aff4e6ecf07071978c2cabcf (patch)
tree	488f9d8659201a4ecb37f8caa4677de40b5f4f65
parent	2176ec1c82eae70a9d43a974455d9bfe3dcd7bd2 (diff)