review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Sabrina Dubroca <sd@queasysnail.net>
	Fri, 22 Jul 2022 09:16:27 +0000 (11:16 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 3 Aug 2022 10:03:50 +0000 (12:03 +0200)
commit	8991687d3bcf6b031b5679d7bc6dfaad68e6dcc4
tree	b9ae57a90f0158a7e43b84458c16e69aacfef677	tree \| snapshot
parent	830582c16be1ce0c8fa489d8973871587da617c9	commit \| diff

macsec: fix NULL deref in macsec_add_rxsa

[ Upstream commit f46040eeaf2e523a4096199fd93a11e794818009 ]

Commit 48ef50fa866a added a test on tb_sa[MACSEC_SA_ATTR_PN], but
nothing guarantees that it's not NULL at this point. The same code was
added to macsec_add_txsa, but there it's not a problem because
validate_add_txsa checks that the MACSEC_SA_ATTR_PN attribute is
present.

Note: it's not possible to reproduce with iproute, because iproute
doesn't allow creating an SA without specifying the PN.

Fixes: 48ef50fa866a ("macsec: Netlink support of XPN cipher suites (IEEE 802.1AEbw)")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=208315
Reported-by: Frantisek Sumsal <fsumsal@redhat.com>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>