| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1665416630.git.sd@queasysnail.net>
Date: Thu, 13 Oct 2022 16:15:38 +0200
From: Sabrina Dubroca <sd@...asysnail.net>
To: netdev@...r.kernel.org
Cc: Antoine Tenart <atenart@...nel.org>,
Sabrina Dubroca <sd@...asysnail.net>,
Mark Starovoytov <mstarovoitov@...vell.com>,
Igor Russkikh <irusskikh@...vell.com>
Subject: [PATCH net 0/5] macsec: offload-related fixes
I'm working on a dummy offload for macsec on netdevsim. It just has a
small SecY and RXSC table so I can trigger failures easily on the
ndo_* side. It has exposed a couple of issues.
The first patch will cause some performance degradation, but in the
current state it's not possible to offload macsec to lower devices
that also support ipsec offload. I'm working on re-adding those
feature flags when offload is available, but I haven't fully solved
that yet. I think it would be safer to do that second part in net-next
considering how complex feature interactions tend to be.
Sabrina Dubroca (5):
Revert "net: macsec: report real_dev features when HW offloading is
enabled"
macsec: delete new rxsc when offload fails
macsec: fix secy->n_rx_sc accounting
macsec: fix detection of RXSCs when toggling offloading
macsec: clear encryption keys from the stack after setting up offload
drivers/net/macsec.c | 51 ++++++++++++++++----------------------------
1 file changed, 18 insertions(+), 33 deletions(-)
--
2.38.0
Powered by blists - more mailing lists