Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp2829383pxv; Mon, 12 Jul 2021 02:59:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwkn01GL9/g34tbfCQCz80rCw5P8z9Wk62EVjaVVWq5Pgap2fFRXnTgqpSdXiJEpaNeVuqP X-Received: by 2002:a5e:9703:: with SMTP id w3mr38693746ioj.118.1626083983825; Mon, 12 Jul 2021 02:59:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626083983; cv=none; d=google.com; s=arc-20160816; b=kJtSS9DoULfp8Kj+S/+tOt29znn7fcC1Qp37Tm6Fv2Rmhy5Gl77mLABZbbP1iZBTcZ XTmZeUDtMguTqNKWQtvnd70RFuqxeml/LqeBF2lai9XkslkA5K5hQ/Ktqdh/xLRa+0fx L/v7ODE4VDcmn0LUVE7cMYmH6QccNjfTXrn36SjWJf8vWXWjpZlC1QFD63XPhm1H0yc9 obPnwuX1HvrABWdw07/U3JyHUE/taZz21O3yCKE2955srnlz8VG84aqdRNBdPLMoik+m YLk2gc1FrDct3h25vYO7tj30V7e5biI/LROQ83gcyvLYr6qPlYTRV4K+jiqj5VujCRYh T/Qw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=JOTl6V8yZw8rvGp6cBUXFsTcHw/6xPba/6gUea4E7bs=; b=NanfkLi1FT9/1pP/fp6JUxSEYGws86ApgKz9mxhBBgoWROvgbiC25K5hQxcj7p5ZBe nP0L6rA0V2EX/jI/sRNmTzSgSvyl585jXWOOr5iqARwdhAct054eNByMnMVOEBtcFtpq rpN9SGl8AVXSRI0rbVc1nCicMB6cE0NYiUIfd03DHDLSEFx2rnw96khmKEKA9+ISNI1o 3S7lxwdh0ZwkIz9oYnZMlD49O3KBJ0usE/2bfBpHiC9nbj4UcOP4VGv409ncUu2ufID4 0arubsAoApTBo6yYNuKGZj44giI7+EYg2G9fggNN2Gaj4NSZkPonqEK6FwOed3TR7T6f gqfg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=HwtmcFWt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w10si17860285jad.45.2021.07.12.02.59.32; Mon, 12 Jul 2021 02:59:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=HwtmcFWt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242092AbhGLHGP (ORCPT + 99 others); Mon, 12 Jul 2021 03:06:15 -0400 Received: from mail.kernel.org ([198.145.29.99]:41756 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236581AbhGLGrj (ORCPT ); Mon, 12 Jul 2021 02:47:39 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id B925E611CD; Mon, 12 Jul 2021 06:43:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1626072215; bh=0XxLR067xjdj3N3B0PBqMxIOrZIeoZWBRiaOTylEpz4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=HwtmcFWtEy/y+zPa5rXct1OtDDLIRtHMaHX1yMLt4meYPLNnSDhUrLRkKOUJp5ndl HN1eA9EdHqKrIe8d2oYKZhDs4S3/OTUYCTpQTRAgcejMoaKqq0veZDUHrBkOBVWQVH T1arXoD/RyTBdxG3Qs900rriMzlsA375Q6Tfevy4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Lior Nahmanson , Antoine Tenart , "David S. Miller" , Sasha Levin Subject: [PATCH 5.10 403/593] net: macsec: fix the length used to copy the key for offloading Date: Mon, 12 Jul 2021 08:09:23 +0200 Message-Id: <20210712060932.012759405@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210712060843.180606720@linuxfoundation.org> References: <20210712060843.180606720@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Antoine Tenart [ Upstream commit 1f7fe5121127e037b86592ba42ce36515ea0e3f7 ] The key length used when offloading macsec to Ethernet or PHY drivers was set to MACSEC_KEYID_LEN (16), which is an issue as: - This was never meant to be the key length. - The key length can be > 16. Fix this by using MACSEC_MAX_KEY_LEN to store the key (the max length accepted in uAPI) and secy->key_len to copy it. Fixes: 3cf3227a21d1 ("net: macsec: hardware offloading infrastructure") Reported-by: Lior Nahmanson Signed-off-by: Antoine Tenart Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- drivers/net/macsec.c | 4 ++-- include/net/macsec.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index 11ca5fa902a1..c601d3df2722 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -1818,7 +1818,7 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info) ctx.sa.rx_sa = rx_sa; ctx.secy = secy; memcpy(ctx.sa.key, nla_data(tb_sa[MACSEC_SA_ATTR_KEY]), - MACSEC_KEYID_LEN); + secy->key_len); err = macsec_offload(ops->mdo_add_rxsa, &ctx); if (err) @@ -2060,7 +2060,7 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info) ctx.sa.tx_sa = tx_sa; ctx.secy = secy; memcpy(ctx.sa.key, nla_data(tb_sa[MACSEC_SA_ATTR_KEY]), - MACSEC_KEYID_LEN); + secy->key_len); err = macsec_offload(ops->mdo_add_txsa, &ctx); if (err) diff --git a/include/net/macsec.h b/include/net/macsec.h index 52874cdfe226..d6fa6b97f6ef 100644 --- a/include/net/macsec.h +++ b/include/net/macsec.h @@ -241,7 +241,7 @@ struct macsec_context { struct macsec_rx_sc *rx_sc; struct { unsigned char assoc_num; - u8 key[MACSEC_KEYID_LEN]; + u8 key[MACSEC_MAX_KEY_LEN]; union { struct macsec_rx_sa *rx_sa; struct macsec_tx_sa *tx_sa; -- 2.30.2