summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorSabrina Dubroca <sd@queasysnail.net>2018-01-18 19:48:18 +0300
committerDavid S. Miller <davem@davemloft.net>2018-01-22 23:40:16 +0300
commite8660ded7f5a9889395d33ce3d5e8c729a462bf5 (patch)
treef6d573becc6cffd5a53465827018a1b93452913e /Documentation
parent5e89cfac2e1e74df075047ca5162a4df1aa11f63 (diff)
downloadlinux-e8660ded7f5a9889395d33ce3d5e8c729a462bf5.tar.xz
macsec: restore uAPI after addition of GCM-AES-256
Commit ccfdec908922 ("macsec: Add support for GCM-AES-256 cipher suite") changed a few values in the uapi headers for MACsec. Because of existing userspace implementations, we need to preserve the value of MACSEC_DEFAULT_CIPHER_ID. Not doing that resulted in wpa_supplicant segfaults when a secure channel was created using the default cipher. Thus, swap MACSEC_DEFAULT_CIPHER_{ID,ALT} back to their original values. Changing the maximum length of the MACSEC_SA_ATTR_KEY attribute is unnecessary, as the previous value (MACSEC_MAX_KEY_LEN, which was 128B) is large enough to carry 32-bytes keys. This patch reverts MACSEC_MAX_KEY_LEN to 128B and restores the old length check on MACSEC_SA_ATTR_KEY. Fixes: ccfdec908922 ("macsec: Add support for GCM-AES-256 cipher suite") Signed-off-by: Davide Caratti <dcaratti@redhat.com> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'Documentation')
0 files changed, 0 insertions, 0 deletions