| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 May 2023 05:42:13 +0000
From: Subbaraya Sundeep Bhatta <sbhatta@...vell.com>
To: Simon Horman <simon.horman@...igine.com>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"davem@...emloft.net"
<davem@...emloft.net>,
"edumazet@...gle.com" <edumazet@...gle.com>,
"kuba@...nel.org" <kuba@...nel.org>,
"pabeni@...hat.com" <pabeni@...hat.com>,
Geethasowjanya Akula <gakula@...vell.com>,
Naveen Mamindlapalli
<naveenm@...vell.com>,
Hariprasad Kelam <hkelam@...vell.com>,
Linu Cherian
<lcherian@...vell.com>,
Sunil Kovvuri Goutham <sgoutham@...vell.com>
Subject: RE: [EXT] Re: [net-next PATCH] octeontx2-pf: mcs: Offload extended
packet number(XPN) feature
Hi Simon,
>-----Original Message-----
>From: Simon Horman <simon.horman@...igine.com>
>Sent: Wednesday, May 10, 2023 11:43 PM
>To: Subbaraya Sundeep Bhatta <sbhatta@...vell.com>
>Cc: netdev@...r.kernel.org; davem@...emloft.net; edumazet@...gle.com;
>kuba@...nel.org; pabeni@...hat.com; Geethasowjanya Akula
><gakula@...vell.com>; Naveen Mamindlapalli <naveenm@...vell.com>;
>Hariprasad Kelam <hkelam@...vell.com>; Linu Cherian
><lcherian@...vell.com>; Sunil Kovvuri Goutham <sgoutham@...vell.com>
>Subject: Re: [net-next PATCH] octeontx2-pf: mcs: Offload extended packet
>number(XPN) feature
>
>On Wed, May 10, 2023 at 08:21:23PM +0530, Subbaraya Sundeep wrote:
>> The macsec hardware block supports XPN cipher suites also.
>> Hence added changes to offload XPN feature. Changes include
>> configuring SecY policy to XPN cipher suite, Salt and SSCI values.
>> 64 bit packet number is passed instead of 32 bit packet number.
>>
>> Signed-off-by: Subbaraya Sundeep <sbhatta@...vell.com>
>> Signed-off-by: Sunil Kovvuri Goutham <sgoutham@...vell.com>
>
>...
>
>> @@ -349,6 +366,15 @@ static int cn10k_mcs_write_rx_sa_plcy(struct otx2_nic
>*pfvf,
>> reg++;
>> }
>>
>> + if (secy->xpn) {
>> + memcpy((u8 *)&salt_63_0, salt_p, 8);
>> + memcpy((u8 *)&ssci_salt_95_64, salt_p + 8, 4);
>> + ssci_salt_95_64 |= (u64)rxsc->ssci[assoc_num] << 32;
>
>Hi Subbaraya,
>
>Sparse says:
>
>drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c:372:37: warning:
>cast from restricted ssci_t
>drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c:611:37: warning:
>cast from restricted ssci_t
>
>I think if you really need a u64 here then you need (__force u64).
>But of course at that point any help types and annotations give you have been
>thrown out the window.
>
Yeah __force is required. I overlooked the warnings from sparse. I will submit v2.
Thanks,
Sundeep
>> +
>> + plcy_req->plcy[0][6] = salt_63_0;
>> + plcy_req->plcy[0][7] = ssci_salt_95_64;
>> + }
>> +
>> plcy_req->sa_index[0] = rxsc->hw_sa_id[assoc_num];
>> plcy_req->sa_cnt = 1;
>> plcy_req->dir = MCS_RX;
>
>...
>
>> @@ -561,6 +605,15 @@ static int cn10k_mcs_write_tx_sa_plcy(struct otx2_nic
>*pfvf,
>> reg++;
>> }
>>
>> + if (secy->xpn) {
>> + memcpy((u8 *)&salt_63_0, salt_p, 8);
>> + memcpy((u8 *)&ssci_salt_95_64, salt_p + 8, 4);
>> + ssci_salt_95_64 |= (u64)txsc->ssci[assoc_num] << 32;
>> +
>> + plcy_req->plcy[0][6] = salt_63_0;
>> + plcy_req->plcy[0][7] = ssci_salt_95_64;
>> + }
>> +
>> plcy_req->plcy[0][8] = assoc_num;
>> plcy_req->sa_index[0] = txsc->hw_sa_id[assoc_num];
>> plcy_req->sa_cnt = 1;
>
>...
Powered by blists - more mailing lists