[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <b33195b3-aa6d-defa-97c4-280da7e5e6d6@oss.nxp.com>
Date: Wed, 9 Aug 2023 09:37:40 +0300
From: "Radu Pirea (OSS)" <radu-nicolae.pirea@....nxp.com>
To: Sabrina Dubroca <sd@...asysnail.net>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: macsec: use TX SCI as MAC address
On 08.08.2023 18:22, Sabrina Dubroca wrote:
> 2023-08-08, 17:14:29 +0300, Radu Pirea (NXP OSS) wrote:
>> According to IEEE 802.1AE the SCI comprises the MAC address and the port
>> identifier.
>
> I don't think the SCI needs to be composed of the actual device's MAC
> address. 8.2.1 says that the MAC address *can* be used to compose the
> SCI, but doesn't mandate it.
I used IEEE 802.1AE-2018 as documentation and the text is slightly
different. However, the purpose of this patch is not to force this match
between the MAC address and the SCI, is just to have different MAC
addresses when the interfaces are created with an specific SCI.
For example, the following command will not set 00:01:be:be:ef:17 as MAC
address for the new interface. Would you expect that?
ip link add link enet_p2 macsec0 type macsec address 00:01:be:be:ef:17
port 1 encrypt on
>
> If you want the SCI to match the device's MAC address, why not use
> IFLA_MACSEC_PORT instead?
In this case, if no MAC address is specified, it makes sense to inherit
the MAC address from the real netdev.
>
>> If a new MACsec interface is created with a specific TX SCI, use that
>> SCI to set the MAC address of the new interface.
>>
>> Signed-off-by: Radu Pirea (NXP OSS) <radu-nicolae.pirea@....nxp.com>
>> ---
>> drivers/net/macsec.c | 8 +++++---
>> 1 file changed, 5 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
>> index 984dfa5d6c11..6db69daf880d 100644
>> --- a/drivers/net/macsec.c
>> +++ b/drivers/net/macsec.c
>> @@ -4103,12 +4103,14 @@ static int macsec_newlink(struct net *net, struct net_device *dev,
>> /* need to be already registered so that ->init has run and
>> * the MAC addr is set
>> */
>> - if (data && data[IFLA_MACSEC_SCI])
>> + if (data && data[IFLA_MACSEC_SCI]) {
>> sci = nla_get_sci(data[IFLA_MACSEC_SCI]);
>> - else if (data && data[IFLA_MACSEC_PORT])
>> + eth_hw_addr_set(dev, (u8 *)&sci);
>> + } else if (data && data[IFLA_MACSEC_PORT]) {
>> sci = dev_to_sci(dev, nla_get_be16(data[IFLA_MACSEC_PORT]));
>> - else
>> + } else {
>> sci = dev_to_sci(dev, MACSEC_PORT_ES);
>> + }
>>
>> if (rx_handler && sci_exists(real_dev, sci)) {
>> err = -EBUSY;
>> --
>> 2.34.1
>>
>
--
Radu P.
Powered by blists - more mailing lists