| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YzqJEESxhwkcayjs@DEN-LT-70577>
Date: Mon, 3 Oct 2022 06:52:40 +0000
From: <Daniel.Machon@...rochip.com>
To: <petrm@...dia.com>
CC: <netdev@...r.kernel.org>, <davem@...emloft.net>,
<maxime.chevallier@...tlin.com>, <thomas.petazzoni@...tlin.com>,
<edumazet@...gle.com>, <kuba@...nel.org>, <pabeni@...hat.com>,
<Lars.Povlsen@...rochip.com>, <Steen.Hegelund@...rochip.com>,
<UNGLinuxDriver@...rochip.com>, <joe@...ches.com>,
<linux@...linux.org.uk>, <Horatiu.Vultur@...rochip.com>,
<Julia.Lawall@...ia.fr>, <vladimir.oltean@....com>,
<linux-kernel@...r.kernel.org>,
<linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH net-next v2 4/6] net: microchip: sparx5: add support for
apptrust
> > Make use of set/getapptrust() to implement per-selector trust and trust
> > order.
> >
> > Signed-off-by: Daniel Machon <daniel.machon@...rochip.com>
> > ---
> > .../ethernet/microchip/sparx5/sparx5_dcb.c | 116 ++++++++++++++++++
> > .../ethernet/microchip/sparx5/sparx5_main.h | 3 +
> > .../ethernet/microchip/sparx5/sparx5_port.c | 4 +-
> > .../ethernet/microchip/sparx5/sparx5_port.h | 2 +
> > .../ethernet/microchip/sparx5/sparx5_qos.c | 4 +
> > 5 files changed, 127 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c b/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c
> > index db17c124dac8..10aeb422b1ae 100644
> > --- a/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c
> > +++ b/drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c
> > @@ -8,6 +8,22 @@
> >
> > #include "sparx5_port.h"
> >
> > +static const struct sparx5_dcb_apptrust {
> > + u8 selectors[256];
> > + int nselectors;
> > + char *names;
>
> I think this should be just "name".
I dont think so. This is a str representation of all the selector values.
"names" makes more sense to me.
>
> > +} *apptrust[SPX5_PORTS];
> > +
> > +/* Sparx5 supported apptrust configurations */
> > +static const struct sparx5_dcb_apptrust apptrust_conf[4] = {
> > + /* Empty *must* be first */
> > + { { 0 }, 0, "empty" },
> > + { { IEEE_8021QAZ_APP_SEL_DSCP }, 1, "dscp" },
> > + { { DCB_APP_SEL_PCP }, 1, "pcp" },
> > + { { IEEE_8021QAZ_APP_SEL_DSCP,
> > + DCB_APP_SEL_PCP }, 2, "dscp pcp" },
> > +};
> > +
> > /* Validate app entry.
> > *
> > * Check for valid selectors and valid protocol and priority ranges.
> > @@ -37,12 +53,59 @@ static int sparx5_dcb_app_validate(struct net_device *dev,
> > return err;
> > }
> >
> > +/* Validate apptrust configuration.
> > + *
> > + * Return index of supported apptrust configuration if valid, otherwise return
> > + * error.
> > + */
> > +static int sparx5_dcb_apptrust_validate(struct net_device *dev, u8 *selectors,
> > + int nselectors, int *err)
> > +{
> > + bool match;
> > + int i, ii;
> > +
> > + for (i = 0; i < ARRAY_SIZE(apptrust_conf); i++) {
>
> I would do this here:
>
> if (apptrust_conf[i].nselectors != nselectors) continue;
>
> to avoid having to think about the semantics of comparing to all those
> zeroes in apptrust_conf.selectors array.
Yes, that would be good.
>
> > + match = true;
> > + for (ii = 0; ii < nselectors; ii++) {
> > + if (apptrust_conf[i].selectors[ii] !=
> > + *(selectors + ii)) {
> > + match = false;
> > + break;
> > + }
> > + }
> > + if (match)
> > + break;
> > + }
> > +
> > + /* Requested trust configuration is not supported */
> > + if (!match) {
> > + netdev_err(dev, "Valid apptrust configurations are:\n");
> > + for (i = 0; i < ARRAY_SIZE(apptrust_conf); i++)
> > + pr_info("order: %s\n", apptrust_conf[i].names);
> > + *err = -EOPNOTSUPP;
> > + }
> > +
> > + return i;
> > +}
Powered by blists - more mailing lists