git.baikalelectronics.ru Git - kernel.git/commit

author	Davide Caratti <dcaratti@redhat.com>
	Fri, 22 Jul 2016 13:07:56 +0000 (15:07 +0200)
committer	David S. Miller <davem@davemloft.net>
	Mon, 25 Jul 2016 17:55:39 +0000 (10:55 -0700)
commit	538f2195f0001c17958852b43cff763187a79d44
tree	b5001d976b145d30c2d90c1de8da6b8b59275594	tree \| snapshot
parent	9131f231272de16687099f1db7b21d59ef3d4119	commit \| diff

macsec: limit ICV length to 16 octets

IEEE 802.1AE-2006 standard recommends that the ICV element in a MACsec
frame should not exceed 16 octets: add MACSEC_STD_ICV_LEN in uapi
definitions accordingly, and avoid accepting configurations where the ICV
length exceeds the standard value. Leave definition of MACSEC_MAX_ICV_LEN
unchanged for backwards compatibility with userspace programs.

Fixes: 5a9f0273fc5f ("uapi: add MACsec bits")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

drivers/net/macsec.c		diff \| blob \| history
include/uapi/linux/if_macsec.h		diff \| blob \| history