Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp2363617rdb;
        Thu, 21 Sep 2023 17:08:14 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IGUJPmQAjjSw6wSp8zsuK9dhdFSJd+j7dhI8XSyYojovdFKPYOTjes9g32xsgMZmgZKPOQ0
X-Received: by 2002:a05:6a20:dda2:b0:14c:512c:c138 with SMTP id kw34-20020a056a20dda200b0014c512cc138mr5490544pzb.60.1695341293715;
        Thu, 21 Sep 2023 17:08:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695341293; cv=none;
        d=google.com; s=arc-20160816;
        b=f+rq8CtYeMlQVu2YegjOXesR/XE8vzGfNGzHh9Ki4fS2df9b3chEKP7UrvtT5jKjOX
         gpbhGqTDMNUFEUgq4QmIHa9eqFqx/KD/VDX9BLusy2Ue0eOhdQoB8edswmcvH7iYQtUM
         NG9hBcS/MTPD7AEEfJdOBVLXcqrAhBv9k1aYQf3fIlR4SNYhEGp0qv40UqNc+VLh/US0
         BYZe5Tx8LVWgTylHUGY9LJeV7oOl5bKFGUe3cDjwq1XPU5y4jQh6R9DFamE/kiZVir80
         MxO7zziGcUyBpoXE65vBTiI6KZBN0jKksmftHnx6OMVpN2mWVq7A0vq2Kh6D0l3b9yxi
         cI/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=zvNaQ/6AUwS3HA2xXjlSHZRwu9Jqdm0GoausyO4ib1M=;
        fh=sllz97FNcu4km1oriVASWeLLPWlfMp1wHh+096mOgEs=;
        b=CJppCd69yyt7r6e3QWhIgPBUStyOKoP4c3RFWY63pMFrrzakP6FSJoN+Oq2RQ8Iabn
         2t4/wAboTLebJf1Wh/TvkubtJK2bifPzDllSMQ15V8Nq55IruCCzG7QjfPjsEaxE+Fgd
         OzE/kR5FbK0U0gX520LiG58OK/7JE/b2W0D2AGfFChk4xanoycRw7mBHBU4HLQQHjH7i
         lY4AQWZQRVxEn980Lk7CjOVrTC0RIHWqJYKXVKz3pN2mk7ISAaKmFSqHi/2sAH64gXaq
         3iHbzTKBqnL//O5D2Y5D/2N742wXtKgnWW16/0XE54GeYho+fcGK9jY+EFHz/0yhBNrV
         Y5hQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7])
        by mx.google.com with ESMTPS id kw16-20020a170902f91000b001b8039317cesi2368623plb.301.2023.09.21.17.08.13
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 21 Sep 2023 17:08:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id 560E182D7C73;
	Thu, 21 Sep 2023 13:00:28 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231520AbjIUUA2 (ORCPT <rfc822;bh1scw@gmail.com> + 99 others);
        Thu, 21 Sep 2023 16:00:28 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46902 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231640AbjIUT7z (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 21 Sep 2023 15:59:55 -0400
Received: from us-smtp-delivery-44.mimecast.com (unknown [207.211.30.44])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35A4937BE0
        for <linux-kernel@vger.kernel.org>; Thu, 21 Sep 2023 10:24:58 -0700 (PDT)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-314-OaVbmCMZP7yeyxSGinlawg-1; Thu, 21 Sep 2023 11:11:45 -0400
X-MC-Unique: OaVbmCMZP7yeyxSGinlawg-1
Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4978018172CA;
        Thu, 21 Sep 2023 15:11:44 +0000 (UTC)
Received: from hog (unknown [10.39.192.47])
        by smtp.corp.redhat.com (Postfix) with ESMTPS id 935BF492C37;
        Thu, 21 Sep 2023 15:11:42 +0000 (UTC)
Date:   Thu, 21 Sep 2023 17:11:41 +0200
From:   Sabrina Dubroca <sd@queasysnail.net>
To:     "Radu Pirea (NXP OSS)" <radu-nicolae.pirea@oss.nxp.com>
Cc:     andrew@lunn.ch, hkallweit1@gmail.com, linux@armlinux.org.uk,
        davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
        pabeni@redhat.com, richardcochran@gmail.com,
        sebastian.tobuschat@oss.nxp.com, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next v5 3/7] net: macsec: indicate next pn update
 when offloading
Message-ID: <ZQxdLZJa0EpnxpCl@hog>
References: <20230920092237.121033-1-radu-nicolae.pirea@oss.nxp.com>
 <20230920092237.121033-4-radu-nicolae.pirea@oss.nxp.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20230920092237.121033-4-radu-nicolae.pirea@oss.nxp.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10
X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_BLOCKED,
        RCVD_IN_VALIDITY_RPBL,RDNS_NONE,SPF_HELO_NONE,SPF_NONE autolearn=no
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Thu, 21 Sep 2023 13:00:28 -0700 (PDT)

2023-09-20, 12:22:33 +0300, Radu Pirea (NXP OSS) wrote:
> Indicate next PN update using update_pn flag in macsec_context.
> Offloaded MACsec implementations does not know whether or not the
> MACSEC_SA_ATTR_PN attribute was passed for an SA update and assume
> that next PN should always updated, but this is not always true.

This should probably go through net so that we can fix some drivers
that are currently doing the wrong thing. octeontx2 should be
fixable. atlantic looks like it would reset the PN to whatever was
read during the last dump, and it's unclear if that can be fixed
(AFAIU set_egress_sa_record writes the whole config at once).  mscc
doesn't seem to modify the PN (even if requested -- should it should
reject the update), and mlx5 doesn't allow PN update (by storing the
initial value of next_pn on SA creation).

> diff --git a/include/net/macsec.h b/include/net/macsec.h
> index ecae5eeb021a..42072fdcc183 100644
> --- a/include/net/macsec.h
> +++ b/include/net/macsec.h
> @@ -254,6 +254,7 @@ struct macsec_secy {
>   * @offload: MACsec offload status
>   * @secy: pointer to a MACsec SecY
>   * @rx_sc: pointer to a RX SC
> + * @update_pn: this flag indicates updating the next PN when updating the SA

nit: "this flag indicates" is not very useful, thus:

@update_pn: when updating the SA, update the next PN

>   * @assoc_num: association number of the target SA
>   * @key: key of the target SA
>   * @rx_sa: pointer to an RX SA if a RX SA is added/updated/removed
> @@ -274,6 +275,7 @@ struct macsec_context {
>  	struct macsec_secy *secy;
>  	struct macsec_rx_sc *rx_sc;
>  	struct {
> +		bool update_pn;
>  		unsigned char assoc_num;
>  		u8 key[MACSEC_MAX_KEY_LEN];
>  		union {
> -- 
> 2.34.1
> 

-- 
Sabrina