lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 29 Mar 2023 16:43:59 +0200
From:   Sabrina Dubroca <sd@...asysnail.net>
To:     Emeel Hakim <ehakim@...dia.com>
Cc:     davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com,
        edumazet@...gle.com, netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2 1/4] vlan: Add MACsec offload operations for
 VLAN interface

2023-03-29, 15:21:04 +0300, Emeel Hakim wrote:
> Add support for MACsec offload operations for VLAN driver
> to allow offloading MACsec when VLAN's real device supports
> Macsec offload by forwarding the offload request to it.
> 
> Signed-off-by: Emeel Hakim <ehakim@...dia.com>
> ---
> V1 -> V2: - Consult vlan_features when adding NETIF_F_HW_MACSEC.

Uh? You're not actually doing that? You also dropped the
changes to vlan_dev_fix_features without explaining why.

[...]
> @@ -572,6 +573,9 @@ static int vlan_dev_init(struct net_device *dev)
>  			   NETIF_F_HIGHDMA | NETIF_F_SCTP_CRC |
>  			   NETIF_F_ALL_FCOE;
>  
> +	if (real_dev->features & NETIF_F_HW_MACSEC)
> +		dev->hw_features |= NETIF_F_HW_MACSEC;
> +
>  	dev->features |= dev->hw_features | NETIF_F_LLTX;
>  	netif_inherit_tso_max(dev, real_dev);
>  	if (dev->features & NETIF_F_VLAN_FEATURES)
> @@ -803,6 +807,100 @@ static int vlan_dev_fill_forward_path(struct net_device_path_ctx *ctx,
>  	return 0;
>  }
>  
> +#if IS_ENABLED(CONFIG_MACSEC)
> +
> +static const struct macsec_ops *vlan_get_macsec_ops(struct macsec_context *ctx)
                                                       ^ const?

> +{
> +	return vlan_dev_priv(ctx->netdev)->real_dev->macsec_ops;
> +}
> +
> +#define _BUILD_VLAN_MACSEC_MDO(mdo) \
> +	const struct macsec_ops *ops; \
> +	ops =  vlan_get_macsec_ops(ctx); \
> +	return ops ? ops->mdo_ ## mdo(ctx) : -EOPNOTSUPP
> +
> +static int vlan_macsec_add_txsa(struct macsec_context *ctx)
> +{
> +_BUILD_VLAN_MACSEC_MDO(add_txsa);

Shouldn't those be indented?

> +}
> +

[...]
> +
> +#define VLAN_MACSEC_DECLARE_MDO(mdo) .mdo_ ## mdo = vlan_macsec_ ## mdo
> +
> +static const struct macsec_ops macsec_offload_ops = {
> +	VLAN_MACSEC_DECLARE_MDO(add_txsa),

This completely breaks the ability to use cscope when looking for
implementations of mdo_add_txsa. I'm not very fond of the c/p, but I
don't think we should be using macros at all here. At least to me,
being able to navigate directly from mdo_add_txsa to its
implementation without expanding the macro manually is important.

So, IMHO, those should be:

	.mdo_add_txsa = vlan_macsec_add_txsa,

(etc)

-- 
Sabrina

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ