diff options
author | Sabrina Dubroca <sd@queasysnail.net> | 2016-04-22 12:28:09 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-04-24 21:31:59 +0300 |
commit | 4b1fb9352f351faa067a914907d58a6fe38ac048 (patch) | |
tree | 5f64306347f47ef4b657f43a661a71bb907c0b4d | |
parent | 748164802c1bd2c52937d20782b07d8c68dd9a4f (diff) | |
download | linux-4b1fb9352f351faa067a914907d58a6fe38ac048.tar.xz |
macsec: fix netlink attribute validation
macsec_validate_attr should check IFLA_MACSEC_REPLAY_PROTECT (not
IFLA_MACSEC_PROTECT) to verify that the replay protection and replay
window arguments are correct.
Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | drivers/net/macsec.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index 9f63cc7b0a73..c6385617bfb2 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -3147,8 +3147,8 @@ static int macsec_validate_attr(struct nlattr *tb[], struct nlattr *data[]) nla_get_u8(data[IFLA_MACSEC_VALIDATION]) > MACSEC_VALIDATE_MAX) return -EINVAL; - if ((data[IFLA_MACSEC_PROTECT] && - nla_get_u8(data[IFLA_MACSEC_PROTECT])) && + if ((data[IFLA_MACSEC_REPLAY_PROTECT] && + nla_get_u8(data[IFLA_MACSEC_REPLAY_PROTECT])) && !data[IFLA_MACSEC_WINDOW]) return -EINVAL; |