www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Davide Caratti <dcaratti@redhat.com>
	Fri, 22 Jul 2016 13:07:56 +0000 (15:07 +0200)
committer	Dhaval Giani <dhaval.giani@oracle.com>
	Mon, 16 Jan 2017 19:49:09 +0000 (14:49 -0500)
commit	c58938ce159ea50457d83093b962f779f8a1c1ab
tree	1c1fff3fa2bf101cd2aca38cdff0842d51c1801d	tree
parent	dceb7aa7d65f25b46d5d1ed11fb45bf2c769a86c	commit \| diff

macsec: limit ICV length to 16 octets

IEEE 802.1AE-2006 standard recommends that the ICV element in a MACsec
frame should not exceed 16 octets: add MACSEC_STD_ICV_LEN in uapi
definitions accordingly, and avoid accepting configurations where the ICV
length exceeds the standard value. Leave definition of MACSEC_MAX_ICV_LEN
unchanged for backwards compatibility with userspace programs.

Fixes: dece8d2b78d1 ("uapi: add MACsec bits")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 2ccbe2cb79f2f74ab739252299b6f9ff27586f2c)

Orabug: 24614549

Signed-off-by: Ethan Zhao <ethan.zhao@oracle.com>
Signed-off-by: Dhaval Giani <dhaval.giani@oracle.com>

drivers/net/macsec.c		diff \| blob \| history
include/uapi/linux/if_macsec.h		diff \| blob \| history