[PATCH net 1/1] net: macsec: Fix XPN properties passing to macsec offload

From: Emeel Hakim
Date: Tue Aug 09 2022 - 06:29:58 EST

Next message: Guenter Roeck: "Re: [PATCH v6] amba: Remove deferred device addition"
Previous message: Michael Walle: "Re: [PATCH] Revert "reset: microchip-sparx5: allow building as a module""
Next in thread: Jakub Kicinski: "Re: [PATCH net 1/1] net: macsec: Fix XPN properties passing to macsec offload"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Currently macsec invokes HW offload path before reading extended
packet number (XPN) related user properties i.e. salt and short
secure channel identifier (ssci), hence preventing macsec XPN HW
offload.

Fix by moving macsec XPN properties reading prior to HW offload path.

Fixes: 48ef50fa866a ("macsec: Netlink support of XPN cipher suites")
Reviewed-by: Raed Salem <raeds@xxxxxxxxxx>
Signed-off-by: Emeel Hakim <ehakim@xxxxxxxxxx>
---
drivers/net/macsec.c | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index f1683ce6b561..e0da161d94c8 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -1808,6 +1808,12 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info)

rx_sa->sc = rx_sc;

+ if (secy->xpn) {
+ rx_sa->ssci = nla_get_ssci(tb_sa[MACSEC_SA_ATTR_SSCI]);
+ nla_memcpy(rx_sa->key.salt.bytes, tb_sa[MACSEC_SA_ATTR_SALT],
+ MACSEC_SALT_LEN);
+ }
+
/* If h/w offloading is available, propagate to the device */
if (macsec_is_offloaded(netdev_priv(dev))) {
const struct macsec_ops *ops;
@@ -1830,12 +1836,6 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info)
goto cleanup;
}

- if (secy->xpn) {
- rx_sa->ssci = nla_get_ssci(tb_sa[MACSEC_SA_ATTR_SSCI]);
- nla_memcpy(rx_sa->key.salt.bytes, tb_sa[MACSEC_SA_ATTR_SALT],
- MACSEC_SALT_LEN);
- }
-
nla_memcpy(rx_sa->key.id, tb_sa[MACSEC_SA_ATTR_KEYID], MACSEC_KEYID_LEN);
rcu_assign_pointer(rx_sc->sa[assoc_num], rx_sa);

@@ -2050,6 +2050,12 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info)
if (assoc_num == tx_sc->encoding_sa && tx_sa->active)
secy->operational = true;

+ if (secy->xpn) {
+ tx_sa->ssci = nla_get_ssci(tb_sa[MACSEC_SA_ATTR_SSCI]);
+ nla_memcpy(tx_sa->key.salt.bytes, tb_sa[MACSEC_SA_ATTR_SALT],
+ MACSEC_SALT_LEN);
+ }
+
/* If h/w offloading is available, propagate to the device */
if (macsec_is_offloaded(netdev_priv(dev))) {
const struct macsec_ops *ops;
@@ -2072,12 +2078,6 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info)
goto cleanup;
}

- if (secy->xpn) {
- tx_sa->ssci = nla_get_ssci(tb_sa[MACSEC_SA_ATTR_SSCI]);
- nla_memcpy(tx_sa->key.salt.bytes, tb_sa[MACSEC_SA_ATTR_SALT],
- MACSEC_SALT_LEN);
- }
-
nla_memcpy(tx_sa->key.id, tb_sa[MACSEC_SA_ATTR_KEYID], MACSEC_KEYID_LEN);
rcu_assign_pointer(tx_sc->sa[assoc_num], tx_sa);

--
2.21.3

Next message: Guenter Roeck: "Re: [PATCH v6] amba: Remove deferred device addition"
Previous message: Michael Walle: "Re: [PATCH] Revert "reset: microchip-sparx5: allow building as a module""
Next in thread: Jakub Kicinski: "Re: [PATCH net 1/1] net: macsec: Fix XPN properties passing to macsec offload"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]