macsec: ensure rx_sa is set when validation is disabled

[ Upstream commit e3a3b626010a14fe067f163c2c43409d5afcd2a9 ]

macsec_decrypt() is not called when validation is disabled and so
macsec_skb_cb(skb)->rx_sa is not set; but it is used later in
macsec_post_decrypt(), ensure that it's always initialized.

Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver")
Signed-off-by: Beniamino Galvani <bgalvani@redhat.com>
Acked-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 8f3c55d03d5d3cdef5a0653cd84c2f384ba47c42..f58858b7972c6e1ca8ebc1ac2179155ab8bb5134 100644 (file)
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -914,7 +914,6 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
        }
 
        macsec_skb_cb(skb)->req = req;
-       macsec_skb_cb(skb)->rx_sa = rx_sa;
        skb->dev = dev;
        aead_request_set_callback(req, 0, macsec_decrypt_done, skb);
 
@@ -1141,6 +1140,8 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb)
                }
        }
 
+       macsec_skb_cb(skb)->rx_sa = rx_sa;
+
        /* Disabled && !changed text => skip validation */
        if (hdr->tci_an & MACSEC_TCI_C ||
            secy->validate_frames != MACSEC_VALIDATE_DISABLED)