From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Vakul Garg <vakul.garg@nxp.com>,
stable@vger.kernel.org
Subject: Re: [PATCH stable 5.10] net/tls: Fix authentication failure in CCM mode
Date: Mon, 6 Dec 2021 13:58:21 +0100 [thread overview]
Message-ID: <Ya4I7XTQyqiqwoVZ@kroah.com> (raw)
In-Reply-To: <20211206093536.129211-1-tianjia.zhang@linux.alibaba.com>
On Mon, Dec 06, 2021 at 05:35:36PM +0800, Tianjia Zhang wrote:
> commit 5961060692f8b17cd2080620a3d27b95d2ae05ca upstream.
>
> When the TLS cipher suite uses CCM mode, including AES CCM and
> SM4 CCM, the first byte of the B0 block is flags, and the real
> IV starts from the second byte. The XOR operation of the IV and
> rec_seq should be skip this byte, that is, add the iv_offset.
>
> Fixes: f295b3ae9f59 ("net/tls: Add support of AES128-CCM based ciphers")
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> Cc: Vakul Garg <vakul.garg@nxp.com>
> Cc: stable@vger.kernel.org # v5.2+
> Signed-off-by: David S. Miller <davem@davemloft.net>
> ---
> net/tls/tls_sw.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
> index 122d5daed8b6..8cd011ea9fbb 100644
> --- a/net/tls/tls_sw.c
> +++ b/net/tls/tls_sw.c
> @@ -515,7 +515,7 @@ static int tls_do_encryption(struct sock *sk,
> memcpy(&rec->iv_data[iv_offset], tls_ctx->tx.iv,
> prot->iv_size + prot->salt_size);
>
> - xor_iv_with_seq(prot->version, rec->iv_data, tls_ctx->tx.rec_seq);
> + xor_iv_with_seq(prot->version, rec->iv_data + iv_offset, tls_ctx->tx.rec_seq);
>
> sge->offset += prot->prepend_size;
> sge->length -= prot->prepend_size;
> @@ -1487,7 +1487,7 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb,
> else
> memcpy(iv + iv_offset, tls_ctx->rx.iv, prot->salt_size);
>
> - xor_iv_with_seq(prot->version, iv, tls_ctx->rx.rec_seq);
> + xor_iv_with_seq(prot->version, iv + iv_offset, tls_ctx->rx.rec_seq);
>
> /* Prepare AAD */
> tls_make_aad(aad, rxm->full_len - prot->overhead_size +
> --
> 2.19.1.3.ge56e4f7
>
Both backports now queued up, thanks.
greg k-h
prev parent reply other threads:[~2021-12-06 12:58 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-04 10:27 FAILED: patch "[PATCH] net/tls: Fix authentication failure in CCM mode" failed to apply to 5.10-stable tree gregkh
2021-12-06 9:35 ` [PATCH stable 5.10] net/tls: Fix authentication failure in CCM mode Tianjia Zhang
2021-12-06 12:58 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Ya4I7XTQyqiqwoVZ@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=stable@vger.kernel.org \
--cc=tianjia.zhang@linux.alibaba.com \
--cc=vakul.garg@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox