Received: by 2002:a05:7412:3210:b0:e2:908c:2ebd with SMTP id eu16csp819744rdb; Fri, 1 Sep 2023 05:21:45 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG1Y6zb6peoL6aslqXSB0J7X6guPBaOR67XlauwktEkJZPdPxKbhcjyxvpRXWTM/3pHcYQC X-Received: by 2002:a17:902:e850:b0:1b8:9461:6729 with SMTP id t16-20020a170902e85000b001b894616729mr2858220plg.2.1693570905164; Fri, 01 Sep 2023 05:21:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1693570905; cv=none; d=google.com; s=arc-20160816; b=MfcrpqqlPH1+m8EEXHALBIe2lXnUxtq5VKJzYWSb5HsMIG5aFhklp73dyr5+gvEhgR ypT8vzRXWbsbF6w9e7kFkwJqRvh4uJjKka0AIZGe2hdVKTJ8ZlkmywPKwUV+HYnE3BmU IDJWq0D/3frnL8enj2EfsyDTAifE2XSc7Vc9jcMnhC/me0gW8Rsb/Gh0fSFJxLBS6QVA 9We54PqBCu9ghwaNu8gh3AgZzhquL64EtpvhXNZsNyNhK86biT50AWcJaHzBSYU+gotL VsD0sLOtWlJaTSyOOAHnn3agg1EfJgpg7D79UoN2oKBJwzjh9+pA9C+FV4ZrLPc5o1q0 y5Jg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=aw6At8Zh603+lBvo9lyv38G+maZQmM3WJGisRvfn/sA=; fh=ADkJ4J69r/AZjTAvgqNTObVTAoMcvgV41uhxTPemI6o=; b=FzO7G5F5pS3DMDUflcUBTdd9DCYFZs5iSGyi/gje5l5MhpamjDmYflS0L59Xgyb9UF /qsE09Zd0V/gCLfIzHljiXhPXvPQVySX9baHERFapfQQQYr4Dow24wA/Yf5bXPfdKDYO BvcXdPf1NowtpX1bS6Z1ZEUie48GjnvWEZTggJky7Ctw7hu3aPTFwCrsxqrH49gFZWIw JQN+a4WwR//UBJD+Dkw90WYXDFzQGfQ9uJWFEkowUJkboEawY5Q7laA69gu6lR2Rh7RO oRSrYoa+7Rv5fVmX81Etgpij0aqOdt7W6D8Hum+udbhSAS+fZVzYgEzeUfkRiT51rFK8 sw2w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o12-20020a170902d4cc00b001b9e82a6beesi2716712plg.548.2023.09.01.05.21.30; Fri, 01 Sep 2023 05:21:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345004AbjIAKIA (ORCPT + 99 others); Fri, 1 Sep 2023 06:08:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40268 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229868AbjIAKH7 (ORCPT ); Fri, 1 Sep 2023 06:07:59 -0400 Received: from us-smtp-delivery-44.mimecast.com (unknown [207.211.30.44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E8BD3FC for ; Fri, 1 Sep 2023 03:07:55 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-693-NTN9am3zM7uWtBLtTrRPnA-1; Fri, 01 Sep 2023 06:07:36 -0400 X-MC-Unique: NTN9am3zM7uWtBLtTrRPnA-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id F2C873804514; Fri, 1 Sep 2023 10:07:35 +0000 (UTC) Received: from hog (unknown [10.45.224.12]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C6FAD493110; Fri, 1 Sep 2023 10:07:33 +0000 (UTC) Date: Fri, 1 Sep 2023 12:07:32 +0200 From: Sabrina Dubroca To: Radu Pirea Cc: "atenart@kernel.org" , "Radu-nicolae Pirea (OSS)" , "andrew@lunn.ch" , "linux@armlinux.org.uk" , "hkallweit1@gmail.com" , "davem@davemloft.net" , Sebastian Tobuschat , "linux-kernel@vger.kernel.org" , "pabeni@redhat.com" , "richardcochran@gmail.com" , "edumazet@google.com" , "kuba@kernel.org" , "netdev@vger.kernel.org" Subject: Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag Message-ID: References: <20230824091615.191379-1-radu-nicolae.pirea@oss.nxp.com> <20230824091615.191379-6-radu-nicolae.pirea@oss.nxp.com> <5d42d6c9-2f0c-8913-49ec-50a25860c49f@oss.nxp.com> <518c11e9000f895fddb5b3dc4d5b2bf445cf320f.camel@nxp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <518c11e9000f895fddb5b3dc4d5b2bf445cf320f.camel@nxp.com> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_RPBL,RDNS_NONE,SPF_HELO_NONE,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 2023-09-01, 09:09:06 +0000, Radu Pirea wrote: > On Wed, 2023-08-30 at 13:35 +0200, Sabrina Dubroca wrote: > ... > > > And it's not restored when the link goes back up? That's inconvenient > > :/ > > Do we end up with inconsistent state? ie driver and core believe > > everything is still offloaded, but HW lost all state? do we leak > > some resources allocated by the driver? > > Yes. We end up with inconsistent state. The HW will lost all state when > the phy is reseted. No resource is leaked, everything is there, but the > configuration needs to be reapplied. > > > > > We could add a flush/restore in macsec_notify when the lower device > > goes down/up, maybe limited to devices that request this (I don't > > know > > if all devices would need it, or maybe all devices offloading to the > > PHY but not to the MAC). > > Agreed. > We can do a flush very simple, but to restore the configuration maybe > we should to save the key in the macsec_key structure. I am not sure if > the key can be extracted from crypto_aead structure. Either that or in the driver. I have a small preference for driver, because then cases that don't need this restore won't have to keep the key in memory, reducing the likelihood of accidentally sharing it. OTOH, if we centralize that code, it's easier to make sure everything is cleared from kernel memory when we delete the SA. > > And what happens in this case? > >     ip link add link eth0 type macsec offload phy > >     ip link set eth0 down > >     ip macsec add macsec0 rx sci ... > >     ip macsec add macsec0 tx sa 0 ... > >     # etc > >     ip link set eth0 up > > > > Will offload work with the current code? > > (the interface was up before) > [root@alarm ~]# ip link add link end0 macsec0 type macsec encrypt on > offload phy > [root@alarm ~]# ip link set end0 down > [root@alarm ~]# ip macsec add macsec0 rx port 1 address > 00:01:be:be:ef:33 > RTNETLINK answers: Operation not supported Where does that EOPNOTSUPP come from? nxp_c45_mdo_add_rxsc from this version of the code can't return that, and macsec_add_rxsc also shouldn't at this point. Ideally all implementations (HW or SW) should behave the same, but at least that saves us from having to restore state in the HW, if we couldn't create it at all. > But let's consider the next case: > ip link add link eth0 type macsec offload phy > ip link set eth0 down > ip link set eth0 up > ip macsec add macsec0 rx sci ... > ip macsec add macsec0 tx sa 0 ... > # etc > > In this case, any HW configuration written by .mdo_add_secy will be > lost. So we need a way to restore the config in HW, whether that's done entirely in the driver or initiated by macsec itself. Antoine, is any of this relevant to the mscc driver? -- Sabrina