| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Nov 2022 15:42:19 -0800
From: Jacob Keller <jacob.e.keller@...el.com>
To: Saeed Mahameed <saeed@...nel.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Eric Dumazet <edumazet@...gle.com>
CC: Saeed Mahameed <saeedm@...dia.com>, <netdev@...r.kernel.org>,
Tariq Toukan <tariqt@...dia.com>,
Emeel Hakim <ehakim@...dia.com>, Raed Salem <raeds@...dia.com>
Subject: Re: [net 13/15] net/mlx5e: MACsec, remove replay window size
limitation in offload path
On 11/24/2022 12:10 AM, Saeed Mahameed wrote:
> From: Emeel Hakim <ehakim@...dia.com>
>
> Currently offload path limits replay window size to 32/64/128/256 bits,
> such a limitation should not exist since software allows it.
> Remove such limitation.
>
> Fixes: eb43846b43c3 ("net/mlx5e: Support MACsec offload replay window")
> Signed-off-by: Emeel Hakim <ehakim@...dia.com>
> Reviewed-by: Raed Salem <raeds@...dia.com>
> Signed-off-by: Saeed Mahameed <saeedm@...dia.com>
> ---
> .../mellanox/mlx5/core/en_accel/macsec.c | 16 ----------------
> include/linux/mlx5/mlx5_ifc.h | 7 -------
> 2 files changed, 23 deletions(-)
>
> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c
> index c19581f1f733..72f8be65fa90 100644
> --- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c
> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/macsec.c
> @@ -229,22 +229,6 @@ static int macsec_set_replay_protection(struct mlx5_macsec_obj_attrs *attrs, voi
> if (!attrs->replay_protect)
> return 0;
>
> - switch (attrs->replay_window) {
> - case 256:
> - window_sz = MLX5_MACSEC_ASO_REPLAY_WIN_256BIT;
> - break;
> - case 128:
> - window_sz = MLX5_MACSEC_ASO_REPLAY_WIN_128BIT;
> - break;
> - case 64:
> - window_sz = MLX5_MACSEC_ASO_REPLAY_WIN_64BIT;
> - break;
> - case 32:
> - window_sz = MLX5_MACSEC_ASO_REPLAY_WIN_32BIT;
> - break;
> - default:
> - return -EINVAL;
> - }
What sets window_sz now? Looking at the current code wouldn't this leave
window_sz uninitialized and this undefined behavior of MLX5_SET? Either
you should just forward in attrs->replay_window and remove window_sz
local or drop the MLX5_SET call for setting window size?
> MLX5_SET(macsec_aso, aso_ctx, window_size, window_sz);
> MLX5_SET(macsec_aso, aso_ctx, mode, MLX5_MACSEC_ASO_REPLAY_PROTECTION);
> > diff --git a/include/linux/mlx5/mlx5_ifc.h
b/include/linux/mlx5/mlx5_ifc.h
> index 5a4e914e2a6f..981fc7dfa408 100644
> --- a/include/linux/mlx5/mlx5_ifc.h
> +++ b/include/linux/mlx5/mlx5_ifc.h
> @@ -11611,13 +11611,6 @@ enum {
> MLX5_MACSEC_ASO_REPLAY_PROTECTION = 0x1,
> };
>
> -enum {
> - MLX5_MACSEC_ASO_REPLAY_WIN_32BIT = 0x0,
> - MLX5_MACSEC_ASO_REPLAY_WIN_64BIT = 0x1,
> - MLX5_MACSEC_ASO_REPLAY_WIN_128BIT = 0x2,
> - MLX5_MACSEC_ASO_REPLAY_WIN_256BIT = 0x3,
> -};
> -
> #define MLX5_MACSEC_ASO_INC_SN 0x2
> #define MLX5_MACSEC_ASO_REG_C_4_5 0x2
>
Powered by blists - more mailing lists