macsec: validate ICV length on link creation
authorDavide Caratti <dcaratti@redhat.com>
Fri, 22 Jul 2016 13:07:58 +0000 (15:07 +0200)
committerDavid S. Miller <davem@davemloft.net>
Mon, 25 Jul 2016 17:55:39 +0000 (10:55 -0700)
commitf04c392d2dd97a985878f4380a1b054791301acf
treecbf6e16e690b6486b9a642a2614846f08da2368e
parent34aedfee22967236adc3d9147c8b47b7f5bad26c
macsec: validate ICV length on link creation

Test the cipher suite initialization in case ICV length has a value
different than its default. If this test fails, creation of a new macsec
link will also fail. This avoids situations where further security
associations can't be added due to failures of crypto_aead_setauthsize(),
caused by unsupported user-provided values of the ICV length.

Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/macsec.c