[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20191215.134452.1354053731963113491.davem@davemloft.net>
Date:   Sun, 15 Dec 2019 13:44:52 -0800 (PST)
From:   David Miller <davem@...emloft.net>
To:     antoine.tenart@...tlin.com
Cc:     sd@...asysnail.net, andrew@...n.ch, f.fainelli@...il.com,
        hkallweit1@...il.com, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, thomas.petazzoni@...tlin.com,
        alexandre.belloni@...tlin.com, allan.nielsen@...rochip.com,
        camelia.groza@....com, Simon.Edelhaus@...antia.com,
        Igor.Russkikh@...antia.com, jakub.kicinski@...ronome.com
Subject: Re: [PATCH net-next v3 06/15] net: macsec: add nla support for
 changing the offloading selection
From: Antoine Tenart <antoine.tenart@...tlin.com>
Date: Fri, 13 Dec 2019 16:48:35 +0100
> +static int macsec_upd_offload(struct sk_buff *skb, struct genl_info *info)
> +{
This function is over the top and in fact confusing.
Really, if you want to make semantics sane, you have to require that no
rules are installed when enabling offloading.  The required sequence of
events if "enable offloading, add initial rules".
> +	/* Check the physical interface isn't offloading another interface
> +	 * first.
> +	 */
> +	for_each_net(loop_net) {
> +		for_each_netdev(loop_net, loop_dev) {
> +			struct macsec_dev *priv;
> +
> +			if (!netif_is_macsec(loop_dev))
> +				continue;
> +
> +			priv = macsec_priv(loop_dev);
> +
> +			if (!macsec_check_offload(MACSEC_OFFLOAD_PHY, priv))
> +				continue;
> +
> +			if (priv->offload != MACSEC_OFFLOAD_OFF)
> +				return -EBUSY;
> +		}
> +	}
You are rejecting the enabling of offloading on one interface if any
interface in the entire system is doing macsec offload?  That doesn't
make any sense at all.
Really, just require that a macsec interface is "clean" (no rules installed
yet) in order to enable offloading.
Then you don't have to check anything else at all.
Powered by blists - more mailing lists
 
