nvethernet: Changes to enable AN after key program

Issue: In longer stress tests we see unint_key_slot errors
if the key programming is done after AN is enabled.

Fix: Fix is to program the key and then enable AN.

Bug 3422356

Change-Id: I05ec54e5a47f642b5663edffd1b24e1e2ac50777
Signed-off-by: Sanath Kumar Gampa <sgampa@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nvidia/+/2626061
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
Reviewed-by: svc_kernel_abi <svc_kernel_abi@nvidia.com>
Reviewed-by: Mahesh Patil <maheshp@nvidia.com>
Reviewed-by: Bhadram Varka <vbhadram@nvidia.com>
Reviewed-by: Srinivas Ramachandran <srinivasra@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
GVS: Gerrit_Virtual_Submit
Sanath Kumar Gampa
2021-11-15 17:18:38 +05:30
committed by Revanth Kumar Uppala
parent 644d8c5f24
commit 538c60bba4
2 changed files with 145 additions and 28 deletions


@@ -617,7 +617,7 @@ static int macsec_dis_rx_sa(struct sk_buff *skb, struct genl_info *info)
struct ether_priv_data *pdata; struct ether_priv_data *pdata;
struct osi_macsec_sc_info rx_sa; struct osi_macsec_sc_info rx_sa;
struct nlattr *tb_sa[NUM_NV_MACSEC_SA_ATTR]; struct nlattr *tb_sa[NUM_NV_MACSEC_SA_ATTR];
int ret = 0, i = 0; int ret = 0;
unsigned short kt_idx; unsigned short kt_idx;
struct device *dev = NULL; struct device *dev = NULL;
#ifndef MACSEC_KEY_PROGRAM #ifndef MACSEC_KEY_PROGRAM
@@ -649,7 +649,7 @@ static int macsec_dis_rx_sa(struct sk_buff *skb, struct genl_info *info)
goto exit; goto exit;
} }
pr_err("%s:\n" dev_info(dev, "%s:\n"
"\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n" "\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n"
"\tan: %u\n" "\tan: %u\n"
"\tpn: %u", "\tpn: %u",
@@ -657,11 +657,9 @@ static int macsec_dis_rx_sa(struct sk_buff *skb, struct genl_info *info)
rx_sa.sci[0], rx_sa.sci[1], rx_sa.sci[2], rx_sa.sci[3], rx_sa.sci[0], rx_sa.sci[1], rx_sa.sci[2], rx_sa.sci[3],
rx_sa.sci[4], rx_sa.sci[5], rx_sa.sci[6], rx_sa.sci[7], rx_sa.sci[4], rx_sa.sci[5], rx_sa.sci[6], rx_sa.sci[7],
rx_sa.curr_an, rx_sa.next_pn); rx_sa.curr_an, rx_sa.next_pn);
pr_err("\tkey: "); dev_info(dev, "\tkey: " KEYSTR, KEY2STR(rx_sa.sak));
for (i = 0; i < 16; i++) {
pr_cont(" %02x", rx_sa.sak[i]); rx_sa.flags = OSI_DISABLE_SA;
}
pr_err("");
mutex_lock(&macsec_pdata->lock); mutex_lock(&macsec_pdata->lock);
ret = osi_macsec_config(pdata->osi_core, &rx_sa, OSI_DISABLE, ret = osi_macsec_config(pdata->osi_core, &rx_sa, OSI_DISABLE,
@@ -691,7 +689,7 @@ exit:
return ret; return ret;
} }
static int macsec_en_rx_sa(struct sk_buff *skb, struct genl_info *info) static int macsec_create_rx_sa(struct sk_buff *skb, struct genl_info *info)
{ {
struct nlattr **attrs = info->attrs; struct nlattr **attrs = info->attrs;
struct macsec_priv_data *macsec_pdata; struct macsec_priv_data *macsec_pdata;
@@ -730,7 +728,7 @@ static int macsec_en_rx_sa(struct sk_buff *skb, struct genl_info *info)
} }
rx_sa.pn_window = macsec_pdata->pn_window; rx_sa.pn_window = macsec_pdata->pn_window;
pr_err("%s:\n" dev_info(dev, "%s:\n"
"\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n" "\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n"
"\tan: %u\n" "\tan: %u\n"
"\tpn: %u\n" "\tpn: %u\n"
@@ -740,11 +738,9 @@ static int macsec_en_rx_sa(struct sk_buff *skb, struct genl_info *info)
rx_sa.sci[0], rx_sa.sci[1], rx_sa.sci[2], rx_sa.sci[3], rx_sa.sci[0], rx_sa.sci[1], rx_sa.sci[2], rx_sa.sci[3],
rx_sa.sci[4], rx_sa.sci[5], rx_sa.sci[6], rx_sa.sci[7], rx_sa.sci[4], rx_sa.sci[5], rx_sa.sci[6], rx_sa.sci[7],
rx_sa.curr_an, rx_sa.next_pn, rx_sa.lowest_pn, rx_sa.pn_window); rx_sa.curr_an, rx_sa.next_pn, rx_sa.lowest_pn, rx_sa.pn_window);
pr_err("\tkey: "); dev_info(dev, "\tkey: " KEYSTR, KEY2STR(rx_sa.sak));
for (i = 0; i < 16; i++) {
pr_cont(" %02x", rx_sa.sak[i]); rx_sa.flags = OSI_CREATE_SA;
}
pr_err("");
mutex_lock(&macsec_pdata->lock); mutex_lock(&macsec_pdata->lock);
ret = osi_macsec_config(pdata->osi_core, &rx_sa, OSI_ENABLE, ret = osi_macsec_config(pdata->osi_core, &rx_sa, OSI_ENABLE,
@@ -781,6 +777,60 @@ exit:
return ret; return ret;
} }
static int macsec_en_rx_sa(struct sk_buff *skb, struct genl_info *info)
{
struct nlattr **attrs = info->attrs;
struct macsec_priv_data *macsec_pdata;
struct ether_priv_data *pdata;
struct osi_macsec_sc_info rx_sa;
struct nlattr *tb_sa[NUM_NV_MACSEC_SA_ATTR];
int ret = 0;
unsigned short kt_idx;
struct device *dev = NULL;
PRINT_ENTRY();
macsec_pdata = genl_to_macsec_pdata(info);
if (macsec_pdata) {
pdata = macsec_pdata->ether_pdata;
} else {
ret = -EPROTO;
goto exit;
}
dev = pdata->dev;
if (!netif_running(pdata->ndev)) {
ret = -ENETDOWN;
dev_err(dev, "%s: MAC interface down!!\n", __func__);
goto exit;
}
if (!attrs[NV_MACSEC_ATTR_IFNAME] ||
parse_sa_config(attrs, tb_sa, &rx_sa)) {
dev_err(dev, "%s: failed to parse nlattrs", __func__);
ret = -EINVAL;
goto exit;
}
dev_err(dev, "%s: Enable receive SA", __func__);
rx_sa.pn_window = macsec_pdata->pn_window;
rx_sa.flags = OSI_ENABLE_SA;
mutex_lock(&macsec_pdata->lock);
ret = osi_macsec_config(pdata->osi_core, &rx_sa, OSI_ENABLE,
OSI_CTLR_SEL_RX, &kt_idx);
if (ret < 0) {
dev_err(dev, "%s: failed to enable Rx SA", __func__);
mutex_unlock(&macsec_pdata->lock);
goto exit;
}
mutex_unlock(&macsec_pdata->lock);
exit:
PRINT_EXIT();
return ret;
}
static int macsec_dis_tx_sa(struct sk_buff *skb, struct genl_info *info) static int macsec_dis_tx_sa(struct sk_buff *skb, struct genl_info *info)
{ {
struct nlattr **attrs = info->attrs; struct nlattr **attrs = info->attrs;
@@ -788,7 +838,7 @@ static int macsec_dis_tx_sa(struct sk_buff *skb, struct genl_info *info)
struct ether_priv_data *pdata; struct ether_priv_data *pdata;
struct osi_macsec_sc_info tx_sa; struct osi_macsec_sc_info tx_sa;
struct nlattr *tb_sa[NUM_NV_MACSEC_SA_ATTR]; struct nlattr *tb_sa[NUM_NV_MACSEC_SA_ATTR];
int ret = 0, i = 0; int ret = 0;
unsigned short kt_idx; unsigned short kt_idx;
struct device *dev = NULL; struct device *dev = NULL;
#ifndef MACSEC_KEY_PROGRAM #ifndef MACSEC_KEY_PROGRAM
@@ -819,7 +869,7 @@ static int macsec_dis_tx_sa(struct sk_buff *skb, struct genl_info *info)
goto exit; goto exit;
} }
pr_err("%s:\n" dev_info(dev, "%s:\n"
"\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n" "\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n"
"\tan: %u\n" "\tan: %u\n"
"\tpn: %u", "\tpn: %u",
@@ -827,11 +877,9 @@ static int macsec_dis_tx_sa(struct sk_buff *skb, struct genl_info *info)
tx_sa.sci[0], tx_sa.sci[1], tx_sa.sci[2], tx_sa.sci[3], tx_sa.sci[0], tx_sa.sci[1], tx_sa.sci[2], tx_sa.sci[3],
tx_sa.sci[4], tx_sa.sci[5], tx_sa.sci[6], tx_sa.sci[7], tx_sa.sci[4], tx_sa.sci[5], tx_sa.sci[6], tx_sa.sci[7],
tx_sa.curr_an, tx_sa.next_pn); tx_sa.curr_an, tx_sa.next_pn);
pr_err("\tkey: "); dev_info(dev, "\tkey: " KEYSTR, KEY2STR(tx_sa.sak));
for (i = 0; i < 16; i++) {
pr_cont(" %02x", tx_sa.sak[i]); tx_sa.flags = OSI_DISABLE_SA;
}
pr_err("");
mutex_lock(&macsec_pdata->lock); mutex_lock(&macsec_pdata->lock);
ret = osi_macsec_config(pdata->osi_core, &tx_sa, OSI_DISABLE, ret = osi_macsec_config(pdata->osi_core, &tx_sa, OSI_DISABLE,
@@ -863,7 +911,7 @@ exit:
return ret; return ret;
} }
static int macsec_en_tx_sa(struct sk_buff *skb, struct genl_info *info) static int macsec_create_tx_sa(struct sk_buff *skb, struct genl_info *info)
{ {
struct nlattr **attrs = info->attrs; struct nlattr **attrs = info->attrs;
struct macsec_priv_data *macsec_pdata; struct macsec_priv_data *macsec_pdata;
@@ -902,7 +950,7 @@ static int macsec_en_tx_sa(struct sk_buff *skb, struct genl_info *info)
} }
tx_sa.pn_window = macsec_pdata->pn_window; tx_sa.pn_window = macsec_pdata->pn_window;
pr_err("%s:\n" dev_info(dev, "%s:\n"
"\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n" "\tsci: %02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x\n"
"\tan: %u\n" "\tan: %u\n"
"\tpn: %u", "\tpn: %u",
@@ -910,11 +958,8 @@ static int macsec_en_tx_sa(struct sk_buff *skb, struct genl_info *info)
tx_sa.sci[0], tx_sa.sci[1], tx_sa.sci[2], tx_sa.sci[3], tx_sa.sci[0], tx_sa.sci[1], tx_sa.sci[2], tx_sa.sci[3],
tx_sa.sci[4], tx_sa.sci[5], tx_sa.sci[6], tx_sa.sci[7], tx_sa.sci[4], tx_sa.sci[5], tx_sa.sci[6], tx_sa.sci[7],
tx_sa.curr_an, tx_sa.next_pn); tx_sa.curr_an, tx_sa.next_pn);
pr_err("\tkey: "); dev_info(dev, "\tkey: " KEYSTR, KEY2STR(tx_sa.sak));
for (i = 0; i < 16; i++) { tx_sa.flags = OSI_CREATE_SA;
pr_cont(" %02x", tx_sa.sak[i]);
}
pr_err("");
mutex_lock(&macsec_pdata->lock); mutex_lock(&macsec_pdata->lock);
ret = osi_macsec_config(pdata->osi_core, &tx_sa, OSI_ENABLE, ret = osi_macsec_config(pdata->osi_core, &tx_sa, OSI_ENABLE,
@@ -951,6 +996,60 @@ exit:
return ret; return ret;
} }
static int macsec_en_tx_sa(struct sk_buff *skb, struct genl_info *info)
{
struct nlattr **attrs = info->attrs;
struct macsec_priv_data *macsec_pdata;
struct ether_priv_data *pdata;
struct osi_macsec_sc_info tx_sa;
struct nlattr *tb_sa[NUM_NV_MACSEC_SA_ATTR];
int ret = 0;
unsigned short kt_idx;
struct device *dev = NULL;
PRINT_ENTRY();
macsec_pdata = genl_to_macsec_pdata(info);
if (macsec_pdata) {
pdata = macsec_pdata->ether_pdata;
} else {
ret = -EPROTO;
goto exit;
}
dev = pdata->dev;
if (!netif_running(pdata->ndev)) {
ret = -ENETDOWN;
dev_err(dev, "%s: MAC interface down!!\n", __func__);
goto exit;
}
if (!attrs[NV_MACSEC_ATTR_IFNAME] ||
parse_sa_config(attrs, tb_sa, &tx_sa)) {
dev_err(dev, "%s: failed to parse nlattrs", __func__);
ret = -EINVAL;
goto exit;
}
dev_info(dev, "%s: ENable Transmit SA", __func__);
tx_sa.pn_window = macsec_pdata->pn_window;
tx_sa.flags = OSI_ENABLE_SA;
mutex_lock(&macsec_pdata->lock);
ret = osi_macsec_config(pdata->osi_core, &tx_sa, OSI_ENABLE,
OSI_CTLR_SEL_TX, &kt_idx);
if (ret < 0) {
dev_err(dev, "%s: failed to enable Tx SA", __func__);
mutex_unlock(&macsec_pdata->lock);
goto exit;
}
mutex_unlock(&macsec_pdata->lock);
exit:
PRINT_EXIT();
return ret;
}
static int macsec_deinit(struct sk_buff *skb, struct genl_info *info) static int macsec_deinit(struct sk_buff *skb, struct genl_info *info)
{ {
struct nlattr **attrs = info->attrs; struct nlattr **attrs = info->attrs;
@@ -1171,6 +1270,11 @@ static const struct genl_ops nv_macsec_genl_ops[] = {
.doit = macsec_en_tx_sa, .doit = macsec_en_tx_sa,
.flags = GENL_ADMIN_PERM, .flags = GENL_ADMIN_PERM,
}, },
{
.cmd = NV_MACSEC_CMD_CREATE_TX_SA,
.doit = macsec_create_tx_sa,
.flags = GENL_ADMIN_PERM,
},
{ {
.cmd = NV_MACSEC_CMD_DIS_TX_SA, .cmd = NV_MACSEC_CMD_DIS_TX_SA,
.doit = macsec_dis_tx_sa, .doit = macsec_dis_tx_sa,
@@ -1181,6 +1285,11 @@ static const struct genl_ops nv_macsec_genl_ops[] = {
.doit = macsec_en_rx_sa, .doit = macsec_en_rx_sa,
.flags = GENL_ADMIN_PERM, .flags = GENL_ADMIN_PERM,
}, },
{
.cmd = NV_MACSEC_CMD_CREATE_RX_SA,
.doit = macsec_create_rx_sa,
.flags = GENL_ADMIN_PERM,
},
{ {
.cmd = NV_MACSEC_CMD_DIS_RX_SA, .cmd = NV_MACSEC_CMD_DIS_RX_SA,
.doit = macsec_dis_rx_sa, .doit = macsec_dis_rx_sa,
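Review bot: The SA handlers still write the MACsec SAK to the kernel log: `dev_info(dev, "\tkey: " KEYSTR, KEY2STR(rx_sa.sak));` in macsec_dis_rx_sa and macsec_create_rx_sa, and the same call on `tx_sa.sak` in macsec_dis_tx_sa and macsec_create_tx_sa. The key therefore lands in dmesg, persisted logs and collected bug reports, which reach a much wider audience than the GENL_ADMIN_PERM caller that supplied it. Switching from pr_err to dev_info lowers the level but keeps the exposure, so I would delete these four lines and log only the SCI/AN/PN already printed above them. If the dump is needed for bring-up it should be compiled out of production builds; whether the `#ifndef MACSEC_KEY_PROGRAM` visible among the declarations also covers these calls cannot be seen from the hunks, whose function bodies start and end outside them. As a smaller point, the new macsec_en_rx_sa reports `"%s: Enable receive SA"` with dev_err while macsec_en_tx_sa uses dev_info for the same event; both should be `dev_info` or `dev_dbg`.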


@@ -52,6 +52,12 @@
#define MACSEC_SIZE 0x10000U #define MACSEC_SIZE 0x10000U
#endif #endif
#define KEY2STR(a) (a)[0], (a)[1], (a)[2], (a)[3], (a)[4], (a)[5],\
(a)[6], (a)[7], (a)[8], (a)[9], (a)[10], (a)[11],\
(a)[12], (a)[13], (a)[14], (a)[15]
#define KEYSTR "%02x %02x %02x %02x %02x %02x %02x %02x %02x %02x \
%02x %02x %02x %02x %02x %02x"
/* keep the same enum definition in nv macsec supplicant driver */ /* keep the same enum definition in nv macsec supplicant driver */
enum nv_macsec_sa_attrs { enum nv_macsec_sa_attrs {
NV_MACSEC_SA_ATTR_UNSPEC, NV_MACSEC_SA_ATTR_UNSPEC,
@@ -144,8 +150,10 @@ enum nv_macsec_nl_commands {
NV_MACSEC_CMD_SET_REPLAY_PROT, NV_MACSEC_CMD_SET_REPLAY_PROT,
NV_MACSEC_CMD_SET_CIPHER, NV_MACSEC_CMD_SET_CIPHER,
NV_MACSEC_CMD_SET_CONTROLLED_PORT, NV_MACSEC_CMD_SET_CONTROLLED_PORT,
NV_MACSEC_CMD_CREATE_TX_SA,
NV_MACSEC_CMD_EN_TX_SA, NV_MACSEC_CMD_EN_TX_SA,
NV_MACSEC_CMD_DIS_TX_SA, NV_MACSEC_CMD_DIS_TX_SA,
NV_MACSEC_CMD_CREATE_RX_SA,
NV_MACSEC_CMD_EN_RX_SA, NV_MACSEC_CMD_EN_RX_SA,
NV_MACSEC_CMD_DIS_RX_SA, NV_MACSEC_CMD_DIS_RX_SA,
NV_MACSEC_CMD_TZ_CONFIG, NV_MACSEC_CMD_TZ_CONFIG,
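Review bot: Inserting `NV_MACSEC_CMD_CREATE_TX_SA` and `NV_MACSEC_CMD_CREATE_RX_SA` in the middle of `enum nv_macsec_nl_commands` renumbers every command that follows them. A supplicant built against the previous header would then select a different handler: its old DIS_TX_SA value now maps to EN_TX_SA, and its old DIS_RX_SA value to CREATE_RX_SA, so a disable request would enable or create an SA instead. Unless kernel and supplicant are guaranteed to be updated in lockstep (not visible here), I would append the two new commands after the last existing command, ahead of any trailing sentinel, so the existing values stay stable. I would also add a comment above the enum such as `/* netlink ABI: append new commands only; keep in sync with the nv macsec supplicant driver */`, matching the note already present on `enum nv_macsec_sa_attrs`. The enum begins and ends outside this hunk, so the exact append position has to be checked against the full header.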