| developer | 7e32f7e | 2022-05-18 21:10:08 +0800 | [diff] [blame] | 1 | From 1f7fe5121127e037b86592ba42ce36515ea0e3f7 Mon Sep 17 00:00:00 2001 |
| 2 | From: Antoine Tenart <atenart@kernel.org> |
| 3 | Date: Thu, 24 Jun 2021 11:38:28 +0200 |
| 4 | Subject: net: macsec: fix the length used to copy the key for offloading |
| 5 | |
| 6 | The key length used when offloading macsec to Ethernet or PHY drivers |
| 7 | was set to MACSEC_KEYID_LEN (16), which is an issue as: |
| 8 | - This was never meant to be the key length. |
| 9 | - The key length can be > 16. |
| 10 | |
| 11 | Fix this by using MACSEC_MAX_KEY_LEN to store the key (the max length |
| 12 | accepted in uAPI) and secy->key_len to copy it. |
| 13 | |
| 14 | Fixes: 3cf3227a21d1 ("net: macsec: hardware offloading infrastructure") |
| 15 | Reported-by: Lior Nahmanson <liorna@nvidia.com> |
| 16 | Signed-off-by: Antoine Tenart <atenart@kernel.org> |
| 17 | Signed-off-by: David S. Miller <davem@davemloft.net> |
| 18 | --- |
| 19 | drivers/net/macsec.c | 4 ++-- |
| 20 | include/net/macsec.h | 2 +- |
| 21 | 2 files changed, 3 insertions(+), 3 deletions(-) |
| 22 | |
| 23 | diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c |
| 24 | index 92425e1fd70c0..93dc48b9b4f24 100644 |
| 25 | --- a/drivers/net/macsec.c |
| 26 | +++ b/drivers/net/macsec.c |
| 27 | @@ -1819,7 +1819,7 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info) |
| 28 | ctx.sa.rx_sa = rx_sa; |
| 29 | ctx.secy = secy; |
| 30 | memcpy(ctx.sa.key, nla_data(tb_sa[MACSEC_SA_ATTR_KEY]), |
| 31 | - MACSEC_KEYID_LEN); |
| 32 | + secy->key_len); |
| 33 | |
| 34 | err = macsec_offload(ops->mdo_add_rxsa, &ctx); |
| 35 | if (err) |
| 36 | @@ -2061,7 +2061,7 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info) |
| 37 | ctx.sa.tx_sa = tx_sa; |
| 38 | ctx.secy = secy; |
| 39 | memcpy(ctx.sa.key, nla_data(tb_sa[MACSEC_SA_ATTR_KEY]), |
| 40 | - MACSEC_KEYID_LEN); |
| 41 | + secy->key_len); |
| 42 | |
| 43 | err = macsec_offload(ops->mdo_add_txsa, &ctx); |
| 44 | if (err) |
| 45 | diff --git a/include/net/macsec.h b/include/net/macsec.h |
| 46 | index 52874cdfe2260..d6fa6b97f6efa 100644 |
| 47 | --- a/include/net/macsec.h |
| 48 | +++ b/include/net/macsec.h |
| 49 | @@ -241,7 +241,7 @@ struct macsec_context { |
| 50 | struct macsec_rx_sc *rx_sc; |
| 51 | struct { |
| 52 | unsigned char assoc_num; |
| 53 | - u8 key[MACSEC_KEYID_LEN]; |
| 54 | + u8 key[MACSEC_MAX_KEY_LEN]; |
| 55 | union { |
| 56 | struct macsec_rx_sa *rx_sa; |
| 57 | struct macsec_tx_sa *tx_sa; |
| 58 | -- |
| 59 | cgit 1.2.3-1.el7 |
| 60 | |