[net,3/5] macsec: fix secy->n_rx_sc accounting

Message ID	1879f6c8a7fcb5d7bb58ffb3d9fed26c8d7ec5cb.1665416630.git.sd@queasysnail.net (mailing list archive)
State	Superseded
Delegated to:	Netdev Maintainers
Headers	show Return-Path: <netdev-owner@kernel.org> From: Sabrina Dubroca <sd@queasysnail.net> To: netdev@vger.kernel.org Cc: Antoine Tenart <atenart@kernel.org>, Sabrina Dubroca <sd@queasysnail.net> Subject: [PATCH net 3/5] macsec: fix secy->n_rx_sc accounting Date: Thu, 13 Oct 2022 16:15:41 +0200 Message-Id: <1879f6c8a7fcb5d7bb58ffb3d9fed26c8d7ec5cb.1665416630.git.sd@queasysnail.net> In-Reply-To: <cover.1665416630.git.sd@queasysnail.net> References: <cover.1665416630.git.sd@queasysnail.net> MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT Content-Type: text/plain; charset=WINDOWS-1252; x-default=true Precedence: bulk
Series	macsec: offload-related fixes \| expand [net,0/5] macsec: offload-related fixes [net,1/5] Revert "net: macsec: report real_dev features when HW offloading is enabled" [net,2/5] macsec: delete new rxsc when offload fails [net,3/5] macsec: fix secy->n_rx_sc accounting [net,4/5] macsec: fix detection of RXSCs when toggling offloading [net,5/5] macsec: clear encryption keys from the stack after setting up offload

Message ID

1879f6c8a7fcb5d7bb58ffb3d9fed26c8d7ec5cb.1665416630.git.sd@queasysnail.net (mailing list archive)

State

Superseded

Delegated to:

Netdev Maintainers

Headers

From: Sabrina Dubroca <sd@queasysnail.net>
To: netdev@vger.kernel.org
Cc: Antoine Tenart <atenart@kernel.org>,
        Sabrina Dubroca <sd@queasysnail.net>
Subject: [PATCH net 3/5] macsec: fix secy->n_rx_sc accounting
Date: Thu, 13 Oct 2022 16:15:41 +0200
Message-Id: 
 <1879f6c8a7fcb5d7bb58ffb3d9fed26c8d7ec5cb.1665416630.git.sd@queasysnail.net>
In-Reply-To: <cover.1665416630.git.sd@queasysnail.net>
References: <cover.1665416630.git.sd@queasysnail.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 8BIT
Content-Type: text/plain; charset=WINDOWS-1252; x-default=true
Precedence: bulk

Series

macsec: offload-related fixes | expand

Context	Check	Description
netdev/tree_selection	success	Clearly marked for net
netdev/fixes_present	success	Fixes tag present in non-next series
netdev/subject_prefix	success	Link
netdev/cover_letter	success	Series has a cover letter
netdev/patch_count	success	Link
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 4 this patch: 4
netdev/cc_maintainers	fail	2 blamed authors not CCed: hannes@stressinduktion.org davem@davemloft.net; 5 maintainers not CCed: kuba@kernel.org hannes@stressinduktion.org davem@davemloft.net edumazet@google.com pabeni@redhat.com
netdev/build_clang	success	Errors and warnings before: 0 this patch: 0
netdev/module_param	success	Was 0 now: 0
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	Fixes tag looks correct
netdev/build_allmodconfig_warn	success	Errors and warnings before: 4 this patch: 4
netdev/checkpatch	warning	CHECK: Please don't use multiple blank lines
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0

Context

Check

Description

netdev/tree_selection

success

Clearly marked for net

netdev/fixes_present

success

Fixes tag present in non-next series

netdev/subject_prefix

success

Link

netdev/cover_letter

success

Series has a cover letter

netdev/patch_count

success

Link

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 4 this patch: 4

netdev/cc_maintainers

fail

2 blamed authors not CCed: hannes@stressinduktion.org davem@davemloft.net; 5 maintainers not CCed: kuba@kernel.org hannes@stressinduktion.org davem@davemloft.net edumazet@google.com pabeni@redhat.com

netdev/build_clang

success

Errors and warnings before: 0 this patch: 0

netdev/module_param

success

Was 0 now: 0

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/check_selftest

success

No net selftest shell script

netdev/verify_fixes

success

Fixes tag looks correct

netdev/build_allmodconfig_warn

success

Errors and warnings before: 4 this patch: 4

netdev/checkpatch

warning

CHECK: Please don't use multiple blank lines

netdev/kdoc

success

Errors and warnings before: 0 this patch: 0

netdev/source_inline

success

Was 0 now: 0

Commit Message

Sabrina Dubroca Oct. 13, 2022, 2:15 p.m. UTC

secy->n_rx_sc is supposed to be the number of _active_ rxsc's within a
secy. This is then used by macsec_send_sci to help decide if we should
add the SCI to the header or not.

This logic is currently broken when we create a new RXSC and turn it
off at creation, as create_rx_sc always sets ->active to true (and
immediately uses that to increment n_rx_sc), and only later
macsec_add_rxsc sets rx_sc->active.

Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
 drivers/net/macsec.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

Comments

Leon Romanovsky Oct. 14, 2022, 6:16 a.m. UTC | #1

On Thu, Oct 13, 2022 at 04:15:41PM +0200, Sabrina Dubroca wrote:
> secy->n_rx_sc is supposed to be the number of _active_ rxsc's within a
> secy. This is then used by macsec_send_sci to help decide if we should
> add the SCI to the header or not.
> 
> This logic is currently broken when we create a new RXSC and turn it
> off at creation, as create_rx_sc always sets ->active to true (and
> immediately uses that to increment n_rx_sc), and only later
> macsec_add_rxsc sets rx_sc->active.
> 
> Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver")
> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
> ---
>  drivers/net/macsec.c | 15 +++++++++------
>  1 file changed, 9 insertions(+), 6 deletions(-)
> 
> diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
> index 0d6fe34b91ae..cdee342e42cd 100644
> --- a/drivers/net/macsec.c
> +++ b/drivers/net/macsec.c
> @@ -1413,7 +1413,8 @@ static struct macsec_rx_sc *del_rx_sc(struct macsec_secy *secy, sci_t sci)
>  	return NULL;
>  }
>  
> -static struct macsec_rx_sc *create_rx_sc(struct net_device *dev, sci_t sci)
> +static struct macsec_rx_sc *create_rx_sc(struct net_device *dev, sci_t sci,
> +					 bool active)
>  {
>  	struct macsec_rx_sc *rx_sc;
>  	struct macsec_dev *macsec;
> @@ -1437,7 +1438,7 @@ static struct macsec_rx_sc *create_rx_sc(struct net_device *dev, sci_t sci)
>  	}
>  
>  	rx_sc->sci = sci;
> -	rx_sc->active = true;
> +	rx_sc->active = active;
>  	refcount_set(&rx_sc->refcnt, 1);
>  
>  	secy = &macsec_priv(dev)->secy;
> @@ -1876,6 +1877,7 @@ static int macsec_add_rxsc(struct sk_buff *skb, struct genl_info *info)
>  	struct macsec_rx_sc *rx_sc;
>  	struct nlattr *tb_rxsc[MACSEC_RXSC_ATTR_MAX + 1];
>  	struct macsec_secy *secy;
> +	bool active = true;
>  	int ret;
>  
>  	if (!attrs[MACSEC_ATTR_IFINDEX])
> @@ -1897,15 +1899,16 @@ static int macsec_add_rxsc(struct sk_buff *skb, struct genl_info *info)
>  	secy = &macsec_priv(dev)->secy;
>  	sci = nla_get_sci(tb_rxsc[MACSEC_RXSC_ATTR_SCI]);
>  
> -	rx_sc = create_rx_sc(dev, sci);
> +
> +	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
> +		active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);

You don't need !! to assign to bool variables and can safely omit them.

thanks

> +
> +	rx_sc = create_rx_sc(dev, sci, active);
>  	if (IS_ERR(rx_sc)) {
>  		rtnl_unlock();
>  		return PTR_ERR(rx_sc);
>  	}
>  
> -	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
> -		rx_sc->active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);
> -
>  	if (macsec_is_offloaded(netdev_priv(dev))) {
>  		const struct macsec_ops *ops;
>  		struct macsec_context ctx;
> -- 
> 2.38.0
>

Sabrina Dubroca Oct. 14, 2022, 7:43 a.m. UTC | #2

2022-10-14, 09:16:56 +0300, Leon Romanovsky wrote:
[...]
> > @@ -1897,15 +1899,16 @@ static int macsec_add_rxsc(struct sk_buff *skb, struct genl_info *info)
> >  	secy = &macsec_priv(dev)->secy;
> >  	sci = nla_get_sci(tb_rxsc[MACSEC_RXSC_ATTR_SCI]);
> >  
> > -	rx_sc = create_rx_sc(dev, sci);
> > +
> > +	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
> > +		active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);
> 
> You don't need !! to assign to bool variables and can safely omit them.

Yeah, but I'm just moving existing code, see below.

(please trim your replies, nobody wants to scroll through endless
quoting just to find one comment hiding in the middle)

> 
> thanks
> 
> > +
> > +	rx_sc = create_rx_sc(dev, sci, active);
> >  	if (IS_ERR(rx_sc)) {
> >  		rtnl_unlock();
> >  		return PTR_ERR(rx_sc);
> >  	}
> >  
> > -	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
> > -		rx_sc->active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);

Leon Romanovsky Oct. 14, 2022, 11:08 a.m. UTC | #3

On Fri, Oct 14, 2022 at 09:43:41AM +0200, Sabrina Dubroca wrote:
> 2022-10-14, 09:16:56 +0300, Leon Romanovsky wrote:
> [...]
> > > @@ -1897,15 +1899,16 @@ static int macsec_add_rxsc(struct sk_buff *skb, struct genl_info *info)
> > >  	secy = &macsec_priv(dev)->secy;
> > >  	sci = nla_get_sci(tb_rxsc[MACSEC_RXSC_ATTR_SCI]);
> > >  
> > > -	rx_sc = create_rx_sc(dev, sci);
> > > +
> > > +	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
> > > +		active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);
> > 
> > You don't need !! to assign to bool variables and can safely omit them.
> 
> Yeah, but I'm just moving existing code, see below.

Not really, original code was "rx_sc->active = ...", but you changed to
use local value. So it is perfectly fine to fix the !! too.

Thanks

diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 0d6fe34b91ae..cdee342e42cd 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -1413,7 +1413,8 @@  static struct macsec_rx_sc *del_rx_sc(struct macsec_secy *secy, sci_t sci)
 	return NULL;
 }
 
-static struct macsec_rx_sc *create_rx_sc(struct net_device *dev, sci_t sci)
+static struct macsec_rx_sc *create_rx_sc(struct net_device *dev, sci_t sci,
+					 bool active)
 {
 	struct macsec_rx_sc *rx_sc;
 	struct macsec_dev *macsec;
@@ -1437,7 +1438,7 @@  static struct macsec_rx_sc *create_rx_sc(struct net_device *dev, sci_t sci)
 	}
 
 	rx_sc->sci = sci;
-	rx_sc->active = true;
+	rx_sc->active = active;
 	refcount_set(&rx_sc->refcnt, 1);
 
 	secy = &macsec_priv(dev)->secy;
@@ -1876,6 +1877,7 @@  static int macsec_add_rxsc(struct sk_buff *skb, struct genl_info *info)
 	struct macsec_rx_sc *rx_sc;
 	struct nlattr *tb_rxsc[MACSEC_RXSC_ATTR_MAX + 1];
 	struct macsec_secy *secy;
+	bool active = true;
 	int ret;
 
 	if (!attrs[MACSEC_ATTR_IFINDEX])
@@ -1897,15 +1899,16 @@  static int macsec_add_rxsc(struct sk_buff *skb, struct genl_info *info)
 	secy = &macsec_priv(dev)->secy;
 	sci = nla_get_sci(tb_rxsc[MACSEC_RXSC_ATTR_SCI]);
 
-	rx_sc = create_rx_sc(dev, sci);
+
+	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
+		active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);
+
+	rx_sc = create_rx_sc(dev, sci, active);
 	if (IS_ERR(rx_sc)) {
 		rtnl_unlock();
 		return PTR_ERR(rx_sc);
 	}
 
-	if (tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE])
-		rx_sc->active = !!nla_get_u8(tb_rxsc[MACSEC_RXSC_ATTR_ACTIVE]);
-
 	if (macsec_is_offloaded(netdev_priv(dev))) {
 		const struct macsec_ops *ops;
 		struct macsec_context ctx;

[net,3/5] macsec: fix secy->n_rx_sc accounting

Checks

Commit Message

Comments

Patch