Re: [PATCH] net: macsec: use TX SCI as MAC address

[Radu Pirea (OSS)]

On 09.08.2023 15:10, Sabrina Dubroca wrote:
> 2023-08-09, 09:37:40 +0300, Radu Pirea (OSS) wrote:
> > On 08.08.2023 18:22, Sabrina Dubroca wrote:
> > > 2023-08-08, 17:14:29 +0300, Radu Pirea (NXP OSS) wrote:
> > > > According to IEEE 802.1AE the SCI comprises the MAC address and the port
> > > > identifier.
> > >
> > > I don't think the SCI needs to be composed of the actual device's MAC
> > > address. 8.2.1 says that the MAC address *can* be used to compose the
> > > SCI, but doesn't mandate it.
> > I used IEEE 802.1AE-2018 as documentation and the text is slightly
> > different. However, the purpose of this patch is not to force this match
> > between the MAC address and the SCI, is just to have different MAC addresses
> > when the interfaces are created with an specific SCI.
> >
> > For example, the following command will not set 00:01:be:be:ef:17 as MAC
> > address for the new interface. Would you expect that?
> > ip link add link enet_p2 macsec0 type macsec address 00:01:be:be:ef:17 port
> > 1 encrypt on
>
> Yes, because "address XXX" comes after "type macsec", so it's an
> argument of "type macsec", not of "ip link". IMO the manpage is pretty
> clear about this.
>
> The command you want is:
>
> ip link add link enet_p2 macsec0 addr 00:01:be:be:ef:17 type macsec port 1 encrypt on
Now I see...

> And with this, I don't think your patch is needed at all. It would
> even introduce an undesireable behavior, in case an explicit address
> is provided (as in my command example) alongside a full SCI (instead
> of just the port).
> I agree. Thank you.

--
Radu P.