mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-11-24 01:10:54 +07:00
net: macsec: fix the length used to copy the key for offloading
[ Upstream commit 1f7fe5121127e037b86592ba42ce36515ea0e3f7 ]
The key length used when offloading macsec to Ethernet or PHY drivers
was set to MACSEC_KEYID_LEN (16), which is an issue as:
- This was never meant to be the key length.
- The key length can be > 16.
Fix this by using MACSEC_MAX_KEY_LEN to store the key (the max length
accepted in uAPI) and secy->key_len to copy it.
Fixes: 3cf3227a21
("net: macsec: hardware offloading infrastructure")
Reported-by: Lior Nahmanson <liorna@nvidia.com>
Signed-off-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
parent
c764f2d899
commit
711a28d24d
@ -1818,7 +1818,7 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info)
|
||||
ctx.sa.rx_sa = rx_sa;
|
||||
ctx.secy = secy;
|
||||
memcpy(ctx.sa.key, nla_data(tb_sa[MACSEC_SA_ATTR_KEY]),
|
||||
MACSEC_KEYID_LEN);
|
||||
secy->key_len);
|
||||
|
||||
err = macsec_offload(ops->mdo_add_rxsa, &ctx);
|
||||
if (err)
|
||||
@ -2060,7 +2060,7 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info)
|
||||
ctx.sa.tx_sa = tx_sa;
|
||||
ctx.secy = secy;
|
||||
memcpy(ctx.sa.key, nla_data(tb_sa[MACSEC_SA_ATTR_KEY]),
|
||||
MACSEC_KEYID_LEN);
|
||||
secy->key_len);
|
||||
|
||||
err = macsec_offload(ops->mdo_add_txsa, &ctx);
|
||||
if (err)
|
||||
|
@ -241,7 +241,7 @@ struct macsec_context {
|
||||
struct macsec_rx_sc *rx_sc;
|
||||
struct {
|
||||
unsigned char assoc_num;
|
||||
u8 key[MACSEC_KEYID_LEN];
|
||||
u8 key[MACSEC_MAX_KEY_LEN];
|
||||
union {
|
||||
struct macsec_rx_sa *rx_sa;
|
||||
struct macsec_tx_sa *tx_sa;
|
||||
|
Loading…
Reference in New Issue
Block a user