From: Sabrina Dubroca <s...@queasysnail.net>
Date: Thu, 18 Jan 2018 17:48:18 +0100
> Commit ccfdec908922 ("macsec: Add support for GCM-AES-256 cipher suite")
> changed a few values in the uapi headers for MACsec.
>
> Because of existing userspace implementations, we need to preserve the
> value of MACSEC_DEFAULT_CIPHER_ID. Not doing that resulted in
> wpa_supplicant segfaults when a secure channel was created using the
> default cipher. Thus, swap MACSEC_DEFAULT_CIPHER_{ID,ALT} back to their
> original values.
>
> Changing the maximum length of the MACSEC_SA_ATTR_KEY attribute is
> unnecessary, as the previous value (MACSEC_MAX_KEY_LEN, which was 128B)
> is large enough to carry 32-bytes keys. This patch reverts
> MACSEC_MAX_KEY_LEN to 128B and restores the old length check on
> MACSEC_SA_ATTR_KEY.
>
> Fixes: ccfdec908922 ("macsec: Add support for GCM-AES-256 cipher suite")
> Signed-off-by: Davide Caratti <dcara...@redhat.com>
> Signed-off-by: Sabrina Dubroca <s...@queasysnail.net>
Good catch, applied, thanks Sabrina.
