git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Sabrina Dubroca <sd@queasysnail.net>
	Fri, 29 Aug 2025 18:55:40 +0000 (20:55 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 9 Sep 2025 16:58:08 +0000 (18:58 +0200)
commit	0925c3c0c6d05b99fee1b8641fde5fcba5257ebb
tree	5fc4d0c7d1a55579883b4b7e917cf57e51dd980a	tree \| snapshot
parent	7db8aa3fc4ed0a2928246747b2514b0741a8187e	commit \| diff

macsec: read MACSEC_SA_ATTR_PN with nla_get_uint

[ Upstream commit 030e1c45666629f72d0fc1d040f9d2915680de8e ]

The code currently reads both U32 attributes and U64 attributes as
U64, so when a U32 attribute is provided by userspace (ie, when not
using XPN), on big endian systems, we'll load that value into the
upper 32bits of the next_pn field instead of the lower 32bits. This
means that the value that userspace provided is ignored (we only care
about the lower 32bits for non-XPN), and we'll start using PNs from 0.

Switch to nla_get_uint, which will read the value correctly on all
arches, whether it's 32b or 64b.

Fixes: 48ef50fa866a ("macsec: Netlink support of XPN cipher suites (IEEE 802.1AEbw)")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://patch.msgid.link/1c1df1661b89238caf5beefb84a10ebfd56c66ea.1756459839.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>