esp6: Fix integrity verification when ESN are used

commit a55e23864d381c5a4ef110df94b00b2fe121a70d upstream. When handling inbound packets, the two halves of the sequence number stored on the skb are already in network order. Fixes: 000ae7b2690e ("esp6: Switch to new AEAD interface") Signed-off-by: Tobias Brunner <tobias@strongswan.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Tobias Brunner <tobias@strongswan.org> 2016-11-29 17:05:25 +0100
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2016-12-10 19:09:44 +0100
commit: 1670d1584701d691db9a8bbabc5c54e0428eb56c (patch)
tree: ba6b08b39ade8362c24600d1b984bced996d004e
parent: b3e9d498293926d96446d04696e044a900b1fa1f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 060a60b2f8a6..111ba55fd512 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -418,7 +418,7 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
 		esph = (void *)skb_push(skb, 4);
 		*seqhi = esph->spi;
 		esph->spi = esph->seq_no;
-		esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.input.hi);
+		esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
 		aead_request_set_callback(req, 0, esp_input_done_esn, skb);
 	}
author	Tobias Brunner <tobias@strongswan.org>	2016-11-29 17:05:25 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2016-12-10 19:09:44 +0100
commit	1670d1584701d691db9a8bbabc5c54e0428eb56c (patch)
tree	ba6b08b39ade8362c24600d1b984bced996d004e
parent	b3e9d498293926d96446d04696e044a900b1fa1f (diff)