From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev,
"Radu Pirea (NXP OSS)" <radu-nicolae.pirea@oss.nxp.com>,
Sabrina Dubroca <sd@queasysnail.net>,
Paolo Abeni <pabeni@redhat.com>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.15 032/102] net: macsec: indicate next pn update when offloading
Date: Mon, 16 Oct 2023 10:40:31 +0200 [thread overview]
Message-ID: <20231016083954.556834789@linuxfoundation.org> (raw)
In-Reply-To: <20231016083953.689300946@linuxfoundation.org>
5.15-stable review patch. If anyone has any objections, please let me know.
------------------
From: Radu Pirea (NXP OSS) <radu-nicolae.pirea@oss.nxp.com>
[ Upstream commit 0412cc846a1ef38697c3f321f9b174da91ecd3b5 ]
Indicate next PN update using update_pn flag in macsec_context.
Offloaded MACsec implementations does not know whether or not the
MACSEC_SA_ATTR_PN attribute was passed for an SA update and assume
that next PN should always updated, but this is not always true.
The PN can be reset to its initial value using the following command:
$ ip macsec set macsec0 tx sa 0 off #octeontx2-pf case
Or, the update PN command will succeed even if the driver does not support
PN updates.
$ ip macsec set macsec0 tx sa 0 pn 1 on #mscc phy driver case
Comparing the initial PN with the new PN value is not a solution. When
the user updates the PN using its initial value the command will
succeed, even if the driver does not support it. Like this:
$ ip macsec add macsec0 tx sa 0 pn 1 on key 00 \
ead3664f508eb06c40ac7104cdae4ce5
$ ip macsec set macsec0 tx sa 0 pn 1 on #mlx5 case
Signed-off-by: Radu Pirea (NXP OSS) <radu-nicolae.pirea@oss.nxp.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Stable-dep-of: e0a8c918daa5 ("net: phy: mscc: macsec: reject PN update requests")
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/macsec.c | 2 ++
include/net/macsec.h | 1 +
2 files changed, 3 insertions(+)
diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 21f41f25a8abe..07c822c301185 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -2410,6 +2410,7 @@ static int macsec_upd_txsa(struct sk_buff *skb, struct genl_info *info)
ctx.sa.assoc_num = assoc_num;
ctx.sa.tx_sa = tx_sa;
+ ctx.sa.update_pn = !!prev_pn.full64;
ctx.secy = secy;
ret = macsec_offload(ops->mdo_upd_txsa, &ctx);
@@ -2503,6 +2504,7 @@ static int macsec_upd_rxsa(struct sk_buff *skb, struct genl_info *info)
ctx.sa.assoc_num = assoc_num;
ctx.sa.rx_sa = rx_sa;
+ ctx.sa.update_pn = !!prev_pn.full64;
ctx.secy = secy;
ret = macsec_offload(ops->mdo_upd_rxsa, &ctx);
diff --git a/include/net/macsec.h b/include/net/macsec.h
index d6fa6b97f6efa..0dc4303329391 100644
--- a/include/net/macsec.h
+++ b/include/net/macsec.h
@@ -240,6 +240,7 @@ struct macsec_context {
struct macsec_secy *secy;
struct macsec_rx_sc *rx_sc;
struct {
+ bool update_pn;
unsigned char assoc_num;
u8 key[MACSEC_MAX_KEY_LEN];
union {
--
2.40.1
next prev parent reply other threads:[~2023-10-16 8:44 UTC|newest]
Thread overview: 123+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-16 8:39 [PATCH 5.15 000/102] 5.15.136-rc1 review Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 001/102] iommu/vt-d: Avoid memory allocation in iommu_suspend() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 002/102] scsi: core: Use a structure member to track the SCSI command submitter Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 003/102] scsi: core: Rename scsi_mq_done() into scsi_done() and export it Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 004/102] scsi: ib_srp: Call scsi_done() directly Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 005/102] RDMA/srp: Do not call scsi_done() from srp_abort() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 006/102] RDMA/cxgb4: Check skb value for failure to allocate Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 007/102] perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7 Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 008/102] of: overlay: Reorder struct fragment fields kerneldoc Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 009/102] platform/x86: think-lmi: Fix reference leak Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 010/102] platform/x86: hp-wmi:: Mark driver struct with __refdata to prevent section mismatch warning Greg Kroah-Hartman
2023-10-16 21:36 ` Uwe Kleine-König
2023-10-16 8:40 ` [PATCH 5.15 011/102] lib/test_meminit: fix off-by-one error in test_pages() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 012/102] HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 013/102] quota: Fix slow quotaoff Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 014/102] net: prevent address rewrite in kernel_bind() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 015/102] ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 016/102] KEYS: trusted: allow use of kernel RNG for key material Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 017/102] KEYS: trusted: Remove redundant static calls usage Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 018/102] drm/msm/dp: do not reinitialize phy unless retry during link training Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 019/102] drm/msm/dsi: skip the wait for video mode done if not applicable Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 020/102] drm/msm/dsi: fix irq_of_parse_and_map() error checking Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 021/102] drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 022/102] ravb: Fix up dma_free_coherent() call in ravb_remove() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 023/102] ravb: Fix use-after-free issue in ravb_tx_timeout_work() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 024/102] ieee802154: ca8210: Fix a potential UAF in ca8210_probe Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 025/102] mlxsw: fix mlxsw_sp2_nve_vxlan_learning_set() return type Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 026/102] eth: remove copies of the NAPI_POLL_WEIGHT define Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 027/102] xen-netback: use default TX queue size for vifs Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 028/102] riscv, bpf: Factor out emit_call for kernel and bpf context Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 029/102] riscv, bpf: Sign-extend return values Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 030/102] drm/vmwgfx: fix typo of sizeof argument Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 031/102] bpf: Fix verifier log for async callback return values Greg Kroah-Hartman
2023-10-16 8:40 ` Greg Kroah-Hartman [this message]
2023-10-16 8:40 ` [PATCH 5.15 033/102] net: phy: mscc: macsec: reject PN update requests Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 034/102] ixgbe: fix crash with empty VF macvlan list Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 035/102] net/mlx5e: Again mutually exclude RX-FCS and RX-port-timestamp Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 036/102] net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 037/102] ethtool: Fix mod state of verbose no_mask bitset Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 038/102] net/smc: Fix pos miscalculation in statistics Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 039/102] pinctrl: renesas: rzn1: Enable missing PINMUX Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 040/102] nfc: nci: assert requested protocol is valid Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 041/102] workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 042/102] perf inject: Fix GEN_ELF_TEXT_OFFSET for jit Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 043/102] net: add sysctl accept_ra_min_rtr_lft Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 044/102] net: change accept_ra_min_rtr_lft to affect all RA lifetimes Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 045/102] net: release reference to inet6_dev pointer Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 046/102] media: mtk-jpeg: Fix use after free bug due to uncanceled work Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 047/102] dmaengine: stm32-mdma: abort resume if no ongoing transfer Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 048/102] xhci: Keep interrupt disabled in initialization until host is running Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 049/102] usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 050/102] net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 051/102] usb: dwc3: Soft reset phy on probe for host Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 052/102] usb: cdns3: Modify the return value of cdns_set_active () to void when CONFIG_PM_SLEEP is disabled Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 053/102] usb: musb: Get the musb_qh poniter after musb_giveback Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 054/102] usb: musb: Modify the "HWVers" register address Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 055/102] iio: pressure: bmp280: Fix NULL pointer exception Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 056/102] iio: pressure: dps310: Adjust Timeout Settings Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 057/102] iio: pressure: ms5611: ms5611_prom_is_valid false negative bug Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 058/102] drm/amdgpu: add missing NULL check Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 059/102] drm/amd/display: Dont set dpms_off for seamless boot Greg Kroah-Hartman
2023-10-16 8:40 ` [PATCH 5.15 060/102] ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 061/102] x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 062/102] mcb: remove is_added flag from mcb_device struct Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 063/102] thunderbolt: Workaround an IOMMU fault on certain systems with Intel Maple Ridge Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 064/102] thunderbolt: Check that lane 1 is in CL0 before enabling lane bonding Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 065/102] libceph: use kernel_connect() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 066/102] ceph: fix incorrect revoked caps assert in ceph_fill_file_size() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 067/102] ceph: fix type promotion bug on 32bit systems Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 068/102] Input: powermate - fix use-after-free in powermate_config_complete Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 069/102] Input: psmouse - fix fast_reconnect function for PS/2 mode Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 070/102] Input: xpad - add PXN V900 support Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 071/102] Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 072/102] Input: goodix - ensure int GPIO is in input for gpio_count == 1 && gpio_int_idx == 0 case Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 073/102] tee: amdtee: fix use-after-free vulnerability in amdtee_close_session Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 074/102] cgroup: Remove duplicates in cgroup v1 tasks file Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 075/102] pinctrl: avoid unsafe code pattern in find_pinctrl() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 076/102] counter: microchip-tcb-capture: Fix the use of internal GCLK logic Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 077/102] usb: gadget: udc-xilinx: replace memcpy with memcpy_toio Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 078/102] usb: gadget: ncm: Handle decoding of multiple NTBs in unwrap call Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 079/102] usb: cdnsp: Fixes issue with dequeuing not queued requests Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 080/102] x86/alternatives: Disable KASAN in apply_alternatives() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 081/102] dmaengine: idxd: use spin_lock_irqsave before wait_event_lock_irq Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 082/102] dmaengine: mediatek: Fix deadlock caused by synchronize_irq() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 083/102] powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 084/102] powerpc/64e: Fix wrong test in __ptep_test_and_clear_young() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 085/102] arm64: report EL1 UNDEFs better Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 086/102] arm64: die(): pass err as long Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 087/102] arm64: consistently pass ESR_ELx to die() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 088/102] arm64: rework FPAC exception handling Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 089/102] arm64: rework BTI " Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 090/102] arm64: allow kprobes on EL0 handlers Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 091/102] arm64: split EL0/EL1 UNDEF handlers Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 092/102] arm64: factor out EL1 SSBS emulation hook Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 093/102] arm64: factor insn read out of call_undef_hook() Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 094/102] arm64: rework EL0 MRS emulation Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 095/102] arm64: armv8_deprecated: fold ops into insn_emulation Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 096/102] arm64: armv8_deprecated move emulation functions Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 097/102] arm64: armv8_deprecated: move aarch32 helper earlier Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 098/102] arm64: armv8_deprecated: rework deprected instruction handling Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 099/102] arm64: armv8_deprecated: fix unused-function error Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 100/102] Revert "kernel/sched: Modify initial boot task idle setup" Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 101/102] usb: hub: Guard against accesses to uninitialized BOS descriptors Greg Kroah-Hartman
2023-10-16 8:41 ` [PATCH 5.15 102/102] eth: remove remaining copies of the NAPI_POLL_WEIGHT define Greg Kroah-Hartman
2023-10-16 11:45 ` [PATCH 5.15 000/102] 5.15.136-rc1 review Ricardo B. Marliere
2023-10-16 12:54 ` Jon Hunter
2023-10-16 13:36 ` Harshit Mogalapalli
2023-10-16 15:14 ` Greg Kroah-Hartman
2023-10-16 15:53 ` Harshit Mogalapalli
2023-10-16 16:58 ` Greg Kroah-Hartman
2023-10-17 8:58 ` Vegard Nossum
2023-10-17 13:57 ` Greg Kroah-Hartman
2023-10-17 14:08 ` Greg Kroah-Hartman
2023-10-17 15:09 ` Vegard Nossum
2023-10-17 16:29 ` Greg Kroah-Hartman
2023-10-17 17:01 ` Daniel Díaz
2023-10-19 5:53 ` Harshit Mogalapalli
2023-10-16 17:57 ` Florian Fainelli
2023-10-16 18:35 ` SeongJae Park
2023-10-16 21:33 ` Shuah Khan
2023-10-17 7:43 ` Ron Economos
2023-10-17 9:37 ` Naresh Kamboju
2023-10-25 19:09 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231016083954.556834789@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=pabeni@redhat.com \
--cc=patches@lists.linux.dev \
--cc=radu-nicolae.pirea@oss.nxp.com \
--cc=sashal@kernel.org \
--cc=sd@queasysnail.net \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox