[ipsec-next,v3,0/2] IPsec: do not ignore crypto err in ah input

Message ID 1484565476-19371-1-git-send-email-gilad@benyossef.com
Headers show
Series
  • IPsec: do not ignore crypto err in ah input
Related show

Message

Gilad Ben-Yossef Jan. 16, 2017, 11:17 a.m.
ah input processing uses the asynchronous hash crypto API which
supplies an error code as part of the operation completion but
the error code was being ignored.

Treat a crypto API error indication as a verification failure.

While a crypto API reported error would almost certainly result
in a memcpy of the digest failing anyway and thus the security
risk seems minor, performing a memory compare on what might be
uninitialized memory is wrong.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>

CC: Alexander Alemayhu <alexander@alemayhu.com>
---

The change was boot tested on Arm64 but I did not exercise
the specific error code path in question.

Changes from v2:
- Added fix for same problem in IPv6 pointed out by Steffen Klassert

Changes from v1:
- Fixed typo in patch description pointed out by Alexander

Gilad Ben-Yossef (2):
  IPsec: do not ignore crypto err in ah4 input
  IPsec: do not ignore crypto err in ah6 input

 net/ipv4/ah4.c | 3 +++
 net/ipv6/ah6.c | 3 +++
 2 files changed, 6 insertions(+)

-- 
2.1.4

Comments

Steffen Klassert Jan. 16, 2017, 1:27 p.m. | #1
On Mon, Jan 16, 2017 at 01:17:54PM +0200, Gilad Ben-Yossef wrote:
> ah input processing uses the asynchronous hash crypto API which

> supplies an error code as part of the operation completion but

> the error code was being ignored.

> 

> Treat a crypto API error indication as a verification failure.

> 

> While a crypto API reported error would almost certainly result

> in a memcpy of the digest failing anyway and thus the security

> risk seems minor, performing a memory compare on what might be

> uninitialized memory is wrong.

> 

> Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>

> CC: Alexander Alemayhu <alexander@alemayhu.com>


Both applied to ipsec-next, thanks a lot!