diff --git a/0001-macsec-sci-endianness.patch b/0001-macsec-sci-endianness.patch new file mode 100644 index 0000000..e1f71ad --- /dev/null +++ b/0001-macsec-sci-endianness.patch @@ -0,0 +1,245 @@ +From 02b273dec88710459719073ef79ac3fbb9975f24 Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Thu, 15 Dec 2016 14:41:54 +0100 +Subject: [PATCH 1/3] Revert "macsec: fix endianness of 'sci' parameter" + +The commit changed the API from libnl 3.2.28: restore the old +behavior. + +This reverts commit cd758fbfee07768ff200f46d7090fa8d0e6b300f. + +Signed-off-by: Beniamino Galvani +Signed-off-by: Thomas Haller +--- + lib/route/link/macsec.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/route/link/macsec.c b/lib/route/link/macsec.c +index 186e8d1..eccfbfa 100644 +--- a/lib/route/link/macsec.c ++++ b/lib/route/link/macsec.c +@@ -104,7 +104,7 @@ static int macsec_parse(struct rtnl_link *link, struct nlattr *data, + info = link->l_info; + + if (tb[IFLA_MACSEC_SCI]) { +- info->sci = ntohll(nla_get_u64(tb[IFLA_MACSEC_SCI])); ++ info->sci = nla_get_u64(tb[IFLA_MACSEC_SCI]); + info->ce_mask |= MACSEC_ATTR_SCI; + } + +@@ -277,7 +277,7 @@ static int macsec_put_attrs(struct nl_msg *msg, struct rtnl_link *link) + return -NLE_MSGSIZE; + + if (info->ce_mask & MACSEC_ATTR_SCI) +- NLA_PUT_U64(msg, IFLA_MACSEC_SCI, htonll(info->sci)); ++ NLA_PUT_U64(msg, IFLA_MACSEC_SCI, info->sci); + else if (info->ce_mask & MACSEC_ATTR_PORT) + NLA_PUT_U16(msg, IFLA_MACSEC_PORT, htons(info->port)); + +-- +2.9.3 + + +From c1f41173ed112eca2bb8febc57f4bacf5f3e3287 Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Thu, 15 Dec 2016 14:41:55 +0100 +Subject: [PATCH 2/3] macsec: document byte order for the SCI and port + attributes + +Document that the SCI is in network order while the port is in host +order. + +Signed-off-by: Beniamino Galvani +Signed-off-by: Thomas Haller +--- + lib/route/link/macsec.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 63 insertions(+), 1 deletion(-) + +diff --git a/lib/route/link/macsec.c b/lib/route/link/macsec.c +index eccfbfa..d177236 100644 +--- a/lib/route/link/macsec.c ++++ b/lib/route/link/macsec.c +@@ -9,6 +9,18 @@ + * Copyright (c) 2016 Sabrina Dubroca + */ + ++/** ++ * @ingroup link ++ * @defgroup macsec MACsec ++ * MACsec link module ++ * ++ * @details ++ * \b Link Type Name: "macsec" ++ * ++ * @route_doc{link_macsec, MACsec Documentation} ++ * ++ * @{ ++ */ + #include + #include + #include +@@ -20,6 +32,7 @@ + + #include + ++/** @cond SKIP */ + #define MACSEC_ATTR_SCI (1 << 0) + #define MACSEC_ATTR_ICV_LEN (1 << 1) + #define MACSEC_ATTR_CIPHER_SUITE (1 << 2) +@@ -49,6 +62,10 @@ struct macsec_info { + uint32_t ce_mask; + }; + ++#define DEFAULT_ICV_LEN 16 ++ ++/** @endcond */ ++ + static struct nla_policy macsec_policy[IFLA_MACSEC_MAX+1] = { + [IFLA_MACSEC_SCI] = { .type = NLA_U64 }, + [IFLA_MACSEC_ICV_LEN] = { .type = NLA_U8 }, +@@ -64,8 +81,16 @@ static struct nla_policy macsec_policy[IFLA_MACSEC_MAX+1] = { + [IFLA_MACSEC_VALIDATION] = { .type = NLA_U8 }, + }; + +-#define DEFAULT_ICV_LEN 16 ++/** ++ * @name MACsec Object ++ * @{ ++ */ + ++/** ++ * Allocate link object of type MACsec ++ * ++ * @return Allocated link object or NULL. ++ */ + static int macsec_alloc(struct rtnl_link *link) + { + struct macsec_info *info; +@@ -195,7 +220,9 @@ static char *replay_protect_str(char *buf, uint8_t replay_protect, uint8_t windo + return buf; + } + ++/** @cond SKIP */ + #define PRINT_FLAG(buf, i, field, c) ({ if (i->field == 1) *buf++ = c; }) ++/** @endcond */ + static char *flags_str(char *buf, unsigned char len, struct macsec_info *info) + { + char *tmp = buf; +@@ -387,11 +414,13 @@ static void __exit macsec_exit(void) + rtnl_link_unregister_info(&macsec_info_ops); + } + ++/** @cond SKIP */ + #define IS_MACSEC_LINK_ASSERT(link) \ + if ((link)->l_info_ops != &macsec_info_ops) { \ + APPBUG("Link is not a MACsec link. set type \"macsec\" first."); \ + return -NLE_OPNOTSUPP; \ + } ++/** @endcond */ + + struct rtnl_link *rtnl_link_macsec_alloc(void) + { +@@ -408,6 +437,13 @@ struct rtnl_link *rtnl_link_macsec_alloc(void) + return link; + } + ++/** ++ * Set SCI ++ * @arg link Link object ++ * @arg sci Secure Channel Identifier in network byte order ++ * ++ * @return 0 on success or a negative error code. ++ */ + int rtnl_link_macsec_set_sci(struct rtnl_link *link, uint64_t sci) + { + struct macsec_info *info = link->l_info; +@@ -420,6 +456,14 @@ int rtnl_link_macsec_set_sci(struct rtnl_link *link, uint64_t sci) + return 0; + } + ++/** ++ * Get SCI ++ * @arg link Link object ++ * @arg sci On return points to the Secure Channel Identifier ++ * in network byte order ++ * ++ * @return 0 on success or a negative error code. ++ */ + int rtnl_link_macsec_get_sci(struct rtnl_link *link, uint64_t *sci) + { + struct macsec_info *info = link->l_info; +@@ -435,6 +479,13 @@ int rtnl_link_macsec_get_sci(struct rtnl_link *link, uint64_t *sci) + return 0; + } + ++/** ++ * Set port identifier ++ * @arg link Link object ++ * @arg port Port identifier in host byte order ++ * ++ * @return 0 on success or a negative error code. ++ */ + int rtnl_link_macsec_set_port(struct rtnl_link *link, uint16_t port) + { + struct macsec_info *info = link->l_info; +@@ -447,6 +498,13 @@ int rtnl_link_macsec_set_port(struct rtnl_link *link, uint16_t port) + return 0; + } + ++/** ++ * Get port identifier ++ * @arg link Link object ++ * @arg port On return points to the port identifier in host byte order ++ * ++ * @return 0 on success or a negative error code. ++ */ + int rtnl_link_macsec_get_port(struct rtnl_link *link, uint16_t *port) + { + struct macsec_info *info = link->l_info; +@@ -785,3 +843,7 @@ int rtnl_link_macsec_get_scb(struct rtnl_link *link, uint8_t *scb) + + return 0; + } ++ ++/** @} */ ++ ++/** @} */ +-- +2.9.3 + + +From 928d0cf709f4984b6e6ad37e0d3d44455796534f Mon Sep 17 00:00:00 2001 +From: Thomas Haller +Date: Thu, 15 Dec 2016 19:23:26 +0100 +Subject: [PATCH 3/3] macsec: fix endianness of sci during dump() + +Signed-off-by: Thomas Haller +--- + lib/route/link/macsec.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/route/link/macsec.c b/lib/route/link/macsec.c +index d177236..2b7e58e 100644 +--- a/lib/route/link/macsec.c ++++ b/lib/route/link/macsec.c +@@ -261,7 +261,7 @@ static void macsec_dump_line(struct rtnl_link *link, struct nl_dump_params *p) + struct macsec_info *info = link->l_info; + char tmp[128]; + +- nl_dump(p, "sci %016llx <%s>", info->sci, flags_str(tmp, sizeof(tmp), info)); ++ nl_dump(p, "sci %016llx <%s>", ntohll(info->sci), flags_str(tmp, sizeof(tmp), info)); + } + + static void macsec_dump_details(struct rtnl_link *link, struct nl_dump_params *p) +@@ -270,7 +270,7 @@ static void macsec_dump_details(struct rtnl_link *link, struct nl_dump_params *p + char tmp[128]; + + nl_dump(p, " sci %016llx protect %s encoding_sa %d encrypt %s send_sci %s validate %s %s\n", +- info->sci, values_on_off[info->protect], info->encoding_sa, values_on_off[info->encrypt], values_on_off[info->send_sci], ++ ntohll(info->sci), values_on_off[info->protect], info->encoding_sa, values_on_off[info->encrypt], values_on_off[info->send_sci], + VALIDATE_STR[info->validate], + replay_protect_str(tmp, info->replay_protect, info->window)); + nl_dump(p, " cipher suite: %016llx, icv_len %d\n", +-- +2.9.3 + diff --git a/libnl3.spec b/libnl3.spec index 63017ee..277a786 100644 --- a/libnl3.spec +++ b/libnl3.spec @@ -1,6 +1,6 @@ Name: libnl3 Version: 3.2.29 -Release: 0.1%{?dist} +Release: 0.2%{?dist} Summary: Convenience library for kernel netlink sockets Group: Development/Libraries License: LGPLv2 @@ -11,6 +11,8 @@ URL: http://www.infradead.org/~tgr/libnl/ Source: http://www.infradead.org/~tgr/libnl/files/libnl-%{fullversion}.tar.gz Source1: http://www.infradead.org/~tgr/libnl/files/libnl-doc-%{fullversion}.tar.gz +Patch1: 0001-macsec-sci-endianness.patch + BuildRequires: flex bison BuildRequires: python BuildRequires: libtool autoconf automake @@ -68,6 +70,7 @@ Python 3 bindings for libnl3 %prep %setup -q -n libnl-%{fullversion} +%patch1 -p1 tar -xzf %SOURCE1 @@ -148,6 +151,9 @@ popd %{python3_sitearch}/netlink-*.egg-info %changelog +* Fri Dec 16 2016 Thomas Haller - 3.2.29-0.2 +- macsec: fix endianness for MACSec's 'sci' parameter + * Mon Dec 12 2016 Thomas Haller - 3.2.29-0.1 - Update to 3.2.29-rc1