git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Sabrina Dubroca <sd@queasysnail.net>
	Fri, 29 Aug 2025 18:55:40 +0000 (20:55 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 9 Sep 2025 16:56:22 +0000 (18:56 +0200)
commit	668f4f6382c3644d22a1168f62294aaaba60deec
tree	092b57a222f146f1d2986cafc91ba72d468a9001	tree \| snapshot
parent	1cf0b558cbb7a79223868680e7c312d9269d6b75	commit \| diff

macsec: read MACSEC_SA_ATTR_PN with nla_get_uint

[ Upstream commit 030e1c45666629f72d0fc1d040f9d2915680de8e ]

The code currently reads both U32 attributes and U64 attributes as
U64, so when a U32 attribute is provided by userspace (ie, when not
using XPN), on big endian systems, we'll load that value into the
upper 32bits of the next_pn field instead of the lower 32bits. This
means that the value that userspace provided is ignored (we only care
about the lower 32bits for non-XPN), and we'll start using PNs from 0.

Switch to nla_get_uint, which will read the value correctly on all
arches, whether it's 32b or 64b.

Fixes: 48ef50fa866a ("macsec: Netlink support of XPN cipher suites (IEEE 802.1AEbw)")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://patch.msgid.link/1c1df1661b89238caf5beefb84a10ebfd56c66ea.1756459839.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>