diff mbox series

[5.4,69/70] net/tls: Fix authentication failure in CCM mode

Message ID	20211206145554.338303123@linuxfoundation.org
State	New
Headers	show Return-Path: <stable-owner@kernel.org> From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, stable@vger.kernel.org, Tianjia Zhang <tianjia.zhang@linux.alibaba.com>, Vakul Garg <vakul.garg@nxp.com>, "David S. Miller" <davem@davemloft.net> Subject: [PATCH 5.4 69/70] net/tls: Fix authentication failure in CCM mode Date: Mon, 6 Dec 2021 15:57:13 +0100 Message-Id: <20211206145554.338303123@linuxfoundation.org> In-Reply-To: <20211206145551.909846023@linuxfoundation.org> References: <20211206145551.909846023@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	None \| expand [5.4,02/70] of: clk: Make <linux/of_clk.h> self-contained [5.4,03/70] arm64: dts: mcbin: support 2W SFP modules [5.4,04/70] can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM [5.4,05/70] gfs2: Fix length of holes reported at end-of-file [5.4,06/70] drm/sun4i: fix unmet dependency on RESET_CONTROLLER for PHY_SUN6I_MIPI_DPHY [5.4,07/70] mac80211: do not access the IV when it was stripped [5.4,08/70] net/smc: Transfer remaining wait queue entries during fallback [5.4,09/70] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait [5.4,10/70] net: return correct error code [5.4,11/70] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep [5.4,12/70] s390/setup: avoid using memblock_enforce_memory_limit [5.4,13/70] btrfs: check-integrity: fix a warning on write caching disabled disk [5.4,14/70] thermal: core: Reset previous low and high trip during thermal zone init [5.4,15/70] scsi: iscsi: Unblock session then wake up error handler [5.4,16/70] ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile [5.4,17/70] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge... [5.4,18/70] net: tulip: de4x5: fix the problem that the array lp->phy[8] may be out of bound [5.4,19/70] net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock() [5.4,20/70] perf hist: Fix memory leak of a perf_hpp_fmt [5.4,21/70] perf report: Fix memory leaks around perf_tip() [5.4,22/70] net/smc: Avoid warning of possible recursive locking [5.4,23/70] vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit [5.4,24/70] kprobes: Limit max data_size of the kretprobe instances [5.4,25/70] rt2x00: do not mark device gone on EPROTO errors during start [5.4,26/70] ipmi: Move remove_work to dedicated workqueue [5.4,27/70] cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink() [5.4,28/70] s390/pci: move pseudo-MMIO to prevent MIO overlap [5.4,29/70] fget: check that the fd still exists after getting a ref to it [5.4,30/70] sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl [5.4,31/70] sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl [5.4,32/70] i2c: stm32f7: flush TX FIFO upon transfer errors [5.4,33/70] i2c: stm32f7: recover the bus on access timeout [5.4,34/70] i2c: stm32f7: stop dma transfer in case of NACK [5.4,35/70] i2c: cbus-gpio: set atomic transfer callback [5.4,36/70] natsemi: xtensa: fix section mismatch warnings [5.4,37/70] net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() [5.4,38/70] net: mpls: Fix notifications when deleting a device [5.4,39/70] siphash: use _unaligned version by default [5.4,40/70] net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() [5.4,41/70] selftests: net: Correct case name [5.4,42/70] rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() [5.4,43/70] net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is avail... [5.4,44/70] net: marvell: mvpp2: Fix the computation of shared CPUs [5.4,45/70] net: annotate data-races on txq->xmit_lock_owner [5.4,46/70] ipv4: convert fib_num_tclassid_users to atomic_t [5.4,47/70] net/rds: correct socket tunable error in rds_tcp_tune() [5.4,48/70] net/smc: Keep smc_close_final rc during active close [5.4,49/70] drm/msm: Do hw_init() before capturing GPU state [5.4,50/70] ipv6: fix memory leak in fib6_rule_suppress [5.4,51/70] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register [5.4,52/70] sched/uclamp: Fix rq->uclamp_max not set on first enqueue [5.4,53/70] parisc: Fix KBUILD_IMAGE for self-extracting kernel [5.4,54/70] parisc: Fix "make install" on newer debian releases [5.4,55/70] vgacon: Propagate console boot parameters before calling `vc_resize [5.4,56/70] xhci: Fix commad ring abort, write all 64 bits to CRCR register. [5.4,57/70] USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub [5.4,58/70] usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect [5.4,59/70] x86/tsc: Add a timer to make sure TSC_adjust is always checked [5.4,60/70] x86/tsc: Disable clocksource watchdog for TSC on qualified platorms [5.4,61/70] x86/64/mm: Map all kernel memory into trampoline_pgd [5.4,62/70] tty: serial: msm_serial: Deactivate RX DMA for polling support [5.4,63/70] serial: pl011: Add ACPI SBSA UART match id [5.4,64/70] serial: core: fix transmit-buffer reset and memleak [5.4,65/70] serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array [5.4,66/70] serial: 8250_pci: rewrite pericom_do_set_divisor() [5.4,67/70] iwlwifi: mvm: retry init flow if failed [5.4,68/70] parisc: Mark cr16 CPU clocksource unstable on all SMP machines [5.4,69/70] net/tls: Fix authentication failure in CCM mode [5.4,70/70] ipmi: msghandler: Make symbol remove_work_wq static

Commit Message

Greg Kroah-Hartman Dec. 6, 2021, 2:57 p.m. UTC

From: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>

commit 5961060692f8b17cd2080620a3d27b95d2ae05ca upstream.

When the TLS cipher suite uses CCM mode, including AES CCM and
SM4 CCM, the first byte of the B0 block is flags, and the real
IV starts from the second byte. The XOR operation of the IV and
rec_seq should be skip this byte, that is, add the iv_offset.

Fixes: f295b3ae9f59 ("net/tls: Add support of AES128-CCM based ciphers")
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Cc: Vakul Garg <vakul.garg@nxp.com>
Cc: stable@vger.kernel.org # v5.2+
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/tls/tls_sw.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff mbox series

Patch

--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -512,7 +512,7 @@  static int tls_do_encryption(struct sock
 	memcpy(&rec->iv_data[iv_offset], tls_ctx->tx.iv,
 	       prot->iv_size + prot->salt_size);
 
-	xor_iv_with_seq(prot->version, rec->iv_data, tls_ctx->tx.rec_seq);
+	xor_iv_with_seq(prot->version, rec->iv_data + iv_offset, tls_ctx->tx.rec_seq);
 
 	sge->offset += prot->prepend_size;
 	sge->length -= prot->prepend_size;
@@ -1483,7 +1483,7 @@  static int decrypt_internal(struct sock
 	else
 		memcpy(iv + iv_offset, tls_ctx->rx.iv, prot->salt_size);
 
-	xor_iv_with_seq(prot->version, iv, tls_ctx->rx.rec_seq);
+	xor_iv_with_seq(prot->version, iv + iv_offset, tls_ctx->rx.rec_seq);
 
 	/* Prepare AAD */
 	tls_make_aad(aad, rxm->full_len - prot->overhead_size +