From: Sabrina Dubroca <sd@queasysnail.net>
To: Eric Dumazet <edumazet@google.com>
Cc: "David S . Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Simon Horman <horms@kernel.org>,
Kuniyuki Iwashima <kuniyu@google.com>,
netdev@vger.kernel.org, eric.dumazet@gmail.com,
Andrew Lunn <andrew+netdev@lunn.ch>
Subject: Re: [PATCH net-next] macsec: no longer rely on RTNL in macsec_fill_info()
Date: Fri, 3 Jul 2026 00:30:47 +0200 [thread overview]
Message-ID: <akbml3DkpQJuVYZd@krikkit> (raw)
In-Reply-To: <20260701094341.3218199-1-edumazet@google.com>
2026-07-01, 09:43:41 +0000, Eric Dumazet wrote:
> Add READ_ONCE()/WRITE_ONCE() annotations on fields that can be
> changed concurrently in macsec_changelink() and macsec_update_offload():
>
> - secy->key_len
> - secy->xpn
Those can't be changed, macsec_changelink() rejects
IFLA_MACSEC_CIPHER_SUITE (as well as IFLA_MACSEC_ICV_LEN and
IFLA_MACSEC_SCI) and key_len/xpn are fully linked to the cipher suite.
But I don't mind the extra READ/WRITE_ONCE if you don't want to
resend.
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
> - tx_sc->encoding_sa
> - tx_sc->encrypt
> - secy->protect_frames
> - tx_sc->send_sci
> - tx_sc->end_station
> - tx_sc->scb
> - secy->replay_protect
> - secy->validate_frames
> - secy->replay_window
> - macsec->offload
>
> This allows macsec_fill_info() to run locklessly without RTNL.
And at some point, the whole datapath probably needs some READ_ONCE()
sprinkled for those fields, too.
> @@ -3928,13 +3929,14 @@ static int macsec_changelink_common(struct net_device *dev,
> }
>
> if (data[IFLA_MACSEC_WINDOW]) {
> - secy->replay_window = nla_get_u32(data[IFLA_MACSEC_WINDOW]);
> + u32 replay_window = nla_get_u32(data[IFLA_MACSEC_WINDOW]);
>
> /* IEEE 802.1AEbw-2013 10.7.8 - maximum replay window
> * for XPN cipher suites */
> if (secy->xpn &&
> - secy->replay_window > MACSEC_XPN_MAX_REPLAY_WINDOW)
> + replay_window > MACSEC_XPN_MAX_REPLAY_WINDOW)
nit: no longer > 80 chars
--
Sabrina
next prev parent reply other threads:[~2026-07-02 22:30 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-01 9:43 [PATCH net-next] macsec: no longer rely on RTNL in macsec_fill_info() Eric Dumazet
2026-07-01 22:27 ` Kuniyuki Iwashima
2026-07-02 22:30 ` Sabrina Dubroca [this message]
2026-07-03 16:50 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=akbml3DkpQJuVYZd@krikkit \
--to=sd@queasysnail.net \
--cc=andrew+netdev@lunn.ch \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=eric.dumazet@gmail.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=kuniyu@google.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox