Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp2363617rdb; Thu, 21 Sep 2023 17:08:14 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGUJPmQAjjSw6wSp8zsuK9dhdFSJd+j7dhI8XSyYojovdFKPYOTjes9g32xsgMZmgZKPOQ0 X-Received: by 2002:a05:6a20:dda2:b0:14c:512c:c138 with SMTP id kw34-20020a056a20dda200b0014c512cc138mr5490544pzb.60.1695341293715; Thu, 21 Sep 2023 17:08:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695341293; cv=none; d=google.com; s=arc-20160816; b=f+rq8CtYeMlQVu2YegjOXesR/XE8vzGfNGzHh9Ki4fS2df9b3chEKP7UrvtT5jKjOX gpbhGqTDMNUFEUgq4QmIHa9eqFqx/KD/VDX9BLusy2Ue0eOhdQoB8edswmcvH7iYQtUM NG9hBcS/MTPD7AEEfJdOBVLXcqrAhBv9k1aYQf3fIlR4SNYhEGp0qv40UqNc+VLh/US0 BYZe5Tx8LVWgTylHUGY9LJeV7oOl5bKFGUe3cDjwq1XPU5y4jQh6R9DFamE/kiZVir80 MxO7zziGcUyBpoXE65vBTiI6KZBN0jKksmftHnx6OMVpN2mWVq7A0vq2Kh6D0l3b9yxi cI/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=zvNaQ/6AUwS3HA2xXjlSHZRwu9Jqdm0GoausyO4ib1M=; fh=sllz97FNcu4km1oriVASWeLLPWlfMp1wHh+096mOgEs=; b=CJppCd69yyt7r6e3QWhIgPBUStyOKoP4c3RFWY63pMFrrzakP6FSJoN+Oq2RQ8Iabn 2t4/wAboTLebJf1Wh/TvkubtJK2bifPzDllSMQ15V8Nq55IruCCzG7QjfPjsEaxE+Fgd OzE/kR5FbK0U0gX520LiG58OK/7JE/b2W0D2AGfFChk4xanoycRw7mBHBU4HLQQHjH7i lY4AQWZQRVxEn980Lk7CjOVrTC0RIHWqJYKXVKz3pN2mk7ISAaKmFSqHi/2sAH64gXaq 3iHbzTKBqnL//O5D2Y5D/2N742wXtKgnWW16/0XE54GeYho+fcGK9jY+EFHz/0yhBNrV Y5hQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id kw16-20020a170902f91000b001b8039317cesi2368623plb.301.2023.09.21.17.08.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Sep 2023 17:08:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 560E182D7C73; Thu, 21 Sep 2023 13:00:28 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231520AbjIUUA2 (ORCPT + 99 others); Thu, 21 Sep 2023 16:00:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46902 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231640AbjIUT7z (ORCPT ); Thu, 21 Sep 2023 15:59:55 -0400 Received: from us-smtp-delivery-44.mimecast.com (unknown [207.211.30.44]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35A4937BE0 for ; Thu, 21 Sep 2023 10:24:58 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-314-OaVbmCMZP7yeyxSGinlawg-1; Thu, 21 Sep 2023 11:11:45 -0400 X-MC-Unique: OaVbmCMZP7yeyxSGinlawg-1 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 4978018172CA; Thu, 21 Sep 2023 15:11:44 +0000 (UTC) Received: from hog (unknown [10.39.192.47]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 935BF492C37; Thu, 21 Sep 2023 15:11:42 +0000 (UTC) Date: Thu, 21 Sep 2023 17:11:41 +0200 From: Sabrina Dubroca To: "Radu Pirea (NXP OSS)" Cc: andrew@lunn.ch, hkallweit1@gmail.com, linux@armlinux.org.uk, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, richardcochran@gmail.com, sebastian.tobuschat@oss.nxp.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH net-next v5 3/7] net: macsec: indicate next pn update when offloading Message-ID: References: <20230920092237.121033-1-radu-nicolae.pirea@oss.nxp.com> <20230920092237.121033-4-radu-nicolae.pirea@oss.nxp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20230920092237.121033-4-radu-nicolae.pirea@oss.nxp.com> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10 X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_RPBL,RDNS_NONE,SPF_HELO_NONE,SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Thu, 21 Sep 2023 13:00:28 -0700 (PDT) 2023-09-20, 12:22:33 +0300, Radu Pirea (NXP OSS) wrote: > Indicate next PN update using update_pn flag in macsec_context. > Offloaded MACsec implementations does not know whether or not the > MACSEC_SA_ATTR_PN attribute was passed for an SA update and assume > that next PN should always updated, but this is not always true. This should probably go through net so that we can fix some drivers that are currently doing the wrong thing. octeontx2 should be fixable. atlantic looks like it would reset the PN to whatever was read during the last dump, and it's unclear if that can be fixed (AFAIU set_egress_sa_record writes the whole config at once). mscc doesn't seem to modify the PN (even if requested -- should it should reject the update), and mlx5 doesn't allow PN update (by storing the initial value of next_pn on SA creation). > diff --git a/include/net/macsec.h b/include/net/macsec.h > index ecae5eeb021a..42072fdcc183 100644 > --- a/include/net/macsec.h > +++ b/include/net/macsec.h > @@ -254,6 +254,7 @@ struct macsec_secy { > * @offload: MACsec offload status > * @secy: pointer to a MACsec SecY > * @rx_sc: pointer to a RX SC > + * @update_pn: this flag indicates updating the next PN when updating the SA nit: "this flag indicates" is not very useful, thus: @update_pn: when updating the SA, update the next PN > * @assoc_num: association number of the target SA > * @key: key of the target SA > * @rx_sa: pointer to an RX SA if a RX SA is added/updated/removed > @@ -274,6 +275,7 @@ struct macsec_context { > struct macsec_secy *secy; > struct macsec_rx_sc *rx_sc; > struct { > + bool update_pn; > unsigned char assoc_num; > u8 key[MACSEC_MAX_KEY_LEN]; > union { > -- > 2.34.1 > -- Sabrina