Skip to content

Commit ef03c7a

Browse files
author
CKI Backport Bot
committed
macsec: read MACSEC_SA_ATTR_PN with nla_get_uint
JIRA: https://issues.redhat.com/browse/RHEL-115574 commit 030e1c4 Author: Sabrina Dubroca <sd@queasysnail.net> Date: Fri Aug 29 20:55:40 2025 +0200 macsec: read MACSEC_SA_ATTR_PN with nla_get_uint The code currently reads both U32 attributes and U64 attributes as U64, so when a U32 attribute is provided by userspace (ie, when not using XPN), on big endian systems, we'll load that value into the upper 32bits of the next_pn field instead of the lower 32bits. This means that the value that userspace provided is ignored (we only care about the lower 32bits for non-XPN), and we'll start using PNs from 0. Switch to nla_get_uint, which will read the value correctly on all arches, whether it's 32b or 64b. Fixes: 48ef50f ("macsec: Netlink support of XPN cipher suites (IEEE 802.1AEbw)") Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Reviewed-by: Simon Horman <horms@kernel.org> Link: https://patch.msgid.link/1c1df1661b89238caf5beefb84a10ebfd56c66ea.1756459839.git.sd@queasysnail.net Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: CKI Backport Bot <cki-ci-bot+cki-gitlab-backport-bot@redhat.com>
1 parent 80f154c commit ef03c7a

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

drivers/net/macsec.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1843,7 +1843,7 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info)
18431843

18441844
if (tb_sa[MACSEC_SA_ATTR_PN]) {
18451845
spin_lock_bh(&rx_sa->lock);
1846-
rx_sa->next_pn = nla_get_u64(tb_sa[MACSEC_SA_ATTR_PN]);
1846+
rx_sa->next_pn = nla_get_uint(tb_sa[MACSEC_SA_ATTR_PN]);
18471847
spin_unlock_bh(&rx_sa->lock);
18481848
}
18491849

@@ -2085,7 +2085,7 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info)
20852085
}
20862086

20872087
spin_lock_bh(&tx_sa->lock);
2088-
tx_sa->next_pn = nla_get_u64(tb_sa[MACSEC_SA_ATTR_PN]);
2088+
tx_sa->next_pn = nla_get_uint(tb_sa[MACSEC_SA_ATTR_PN]);
20892089
spin_unlock_bh(&tx_sa->lock);
20902090

20912091
if (tb_sa[MACSEC_SA_ATTR_ACTIVE])
@@ -2397,7 +2397,7 @@ static int macsec_upd_txsa(struct sk_buff *skb, struct genl_info *info)
23972397

23982398
spin_lock_bh(&tx_sa->lock);
23992399
prev_pn = tx_sa->next_pn_halves;
2400-
tx_sa->next_pn = nla_get_u64(tb_sa[MACSEC_SA_ATTR_PN]);
2400+
tx_sa->next_pn = nla_get_uint(tb_sa[MACSEC_SA_ATTR_PN]);
24012401
spin_unlock_bh(&tx_sa->lock);
24022402
}
24032403

@@ -2495,7 +2495,7 @@ static int macsec_upd_rxsa(struct sk_buff *skb, struct genl_info *info)
24952495

24962496
spin_lock_bh(&rx_sa->lock);
24972497
prev_pn = rx_sa->next_pn_halves;
2498-
rx_sa->next_pn = nla_get_u64(tb_sa[MACSEC_SA_ATTR_PN]);
2498+
rx_sa->next_pn = nla_get_uint(tb_sa[MACSEC_SA_ATTR_PN]);
24992499
spin_unlock_bh(&rx_sa->lock);
25002500
}
25012501

0 commit comments

Comments
 (0)