macsec: ensure rx_sa is set when validation is disabled

Message ID	1469528693-6578-1-git-send-email-bgalvani@redhat.com
State	Accepted, archived
Delegated to:	David Miller
Headers	show Return-Path: <netdev-owner@vger.kernel.org> From: Beniamino Galvani <bgalvani@redhat.com> To: netdev@vger.kernel.org, "David S. Miller" <davem@davemloft.net> Cc: Sabrina Dubroca <sd@queasysnail.net>, Hannes Frederic Sowa <hannes@stressinduktion.org> Subject: [PATCH] macsec: ensure rx_sa is set when validation is disabled Date: Tue, 26 Jul 2016 12:24:53 +0200 Message-Id: <1469528693-6578-1-git-send-email-bgalvani@redhat.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk

Message ID

1469528693-6578-1-git-send-email-bgalvani@redhat.com

State

Accepted, archived

Delegated to:

David Miller

Headers

From: Beniamino Galvani <bgalvani@redhat.com>
To: netdev@vger.kernel.org, "David S. Miller" <davem@davemloft.net>
Cc: Sabrina Dubroca <sd@queasysnail.net>,
	Hannes Frederic Sowa <hannes@stressinduktion.org>
Subject: [PATCH] macsec: ensure rx_sa is set when validation is disabled
Date: Tue, 26 Jul 2016 12:24:53 +0200
Message-Id: <1469528693-6578-1-git-send-email-bgalvani@redhat.com>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Commit Message

Beniamino Galvani July 26, 2016, 10:24 a.m. UTC

macsec_decrypt() is not called when validation is disabled and so
macsec_skb_cb(skb)->rx_sa is not set; but it is used later in
macsec_post_decrypt(), ensure that it's always initialized.

Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
---
 drivers/net/macsec.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Sabrina Dubroca July 26, 2016, 11:26 a.m. UTC | #1

2016-07-26, 12:24:53 +0200, Beniamino Galvani wrote:
> macsec_decrypt() is not called when validation is disabled and so
> macsec_skb_cb(skb)->rx_sa is not set; but it is used later in
> macsec_post_decrypt(), ensure that it's always initialized.
> 
> Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
> ---
>  drivers/net/macsec.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)

This patch should go in the 'net' tree.

Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver")
Acked-by: Sabrina Dubroca <sd@queasysnail.net>

David Miller July 26, 2016, 9:28 p.m. UTC | #2

From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 26 Jul 2016 12:24:53 +0200

> macsec_decrypt() is not called when validation is disabled and so
> macsec_skb_cb(skb)->rx_sa is not set; but it is used later in
> macsec_post_decrypt(), ensure that it's always initialized.
> 
> Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>

Applied and queued up for -stable.

diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 8bcd78f..a70b6c4 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -942,7 +942,6 @@  static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
 	}
 
 	macsec_skb_cb(skb)->req = req;
-	macsec_skb_cb(skb)->rx_sa = rx_sa;
 	skb->dev = dev;
 	aead_request_set_callback(req, 0, macsec_decrypt_done, skb);
 
@@ -1169,6 +1168,8 @@  static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb)
 		}
 	}
 
+	macsec_skb_cb(skb)->rx_sa = rx_sa;
+
 	/* Disabled && !changed text => skip validation */
 	if (hdr->tci_an & MACSEC_TCI_C ||
 	    secy->validate_frames != MACSEC_VALIDATE_DISABLED)

macsec: ensure rx_sa is set when validation is disabled

Commit Message

Comments

Patch