Re: [PATCH net-next] macsec: Add support for IFLA_MACSEC_OFFLOAD in the netlink layer
From: Antoine Tenart
Date: Mon Dec 05 2022 - 04:54:44 EST
Hello,
Quoting ehakim@xxxxxxxxxx (2022-12-04 11:06:53)
>
> +static int macsec_changelink_upd_offload(struct net_device *dev, struct nlattr *data[])
> +{
> + enum macsec_offload offload, prev_offload;
> + const struct macsec_ops *ops;
> + struct macsec_context ctx;
> + struct macsec_dev *macsec;
> + int ret = 0;
> +
> + macsec = macsec_priv(dev);
> + offload = nla_get_u8(data[IFLA_MACSEC_OFFLOAD]);
> +
> + /* Check if the offloading mode is supported by the underlying layers */
> + if (offload != MACSEC_OFFLOAD_OFF &&
> + !macsec_check_offload(offload, macsec))
> + return -EOPNOTSUPP;
> +
> + /* Check if the net device is busy. */
> + if (netif_running(dev))
> + return -EBUSY;
> +
> + if (macsec->offload == offload)
> + return 0;
> +
> + prev_offload = macsec->offload;
> +
> + /* Check if the device already has rules configured: we do not support
> + * rules migration.
> + */
> + if (macsec_is_configured(macsec))
> + return -EBUSY;
> +
> + ops = __macsec_get_ops(offload == MACSEC_OFFLOAD_OFF ? prev_offload : offload,
> + macsec, &ctx);
> + if (!ops)
> + return -EOPNOTSUPP;
> +
> + macsec->offload = offload;
> +
> + ctx.secy = &macsec->secy;
> + ret = (offload == MACSEC_OFFLOAD_OFF) ? macsec_offload(ops->mdo_del_secy, &ctx) :
> + macsec_offload(ops->mdo_add_secy, &ctx);
> +
> + if (ret)
> + macsec->offload = prev_offload;
> +
> + return ret;
> +}
The logic above is very close to what is done in macsec_upd_offload,
except for the use of the rtnl lock. You can merge the two in a common
helper and use that to avoid duplication.
Thanks,
Antoine