nv-tegra-mirror/linux-nv-oot
1
0
Fork 0
mirror of git://nv-tegra.nvidia.com/linux-nv-oot.git synced 2025-12-22 09:11:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

nvethernet:MACSEC, add byp lut with VF MAC

Browse Source 
Issue: If the supplicant is killed for some reason Data would flow
plain on that interface, this needs to be avoided

Fix: Update bypass LUT such that if the frames from the VF(on which
supplicant is launched) is received on MACSEC either authenticate the
same or drop. Along with this handles below items as well. All the VFs MACIDs
are obtained in OSI to update the bypass LUTs to decide on which VF frames
to be authenticated and which VF frames needs to be bypassed.

1. Remove osi_macsec_en API and have single API to init and deinit
2. Remove explicit command from supplicant to set control port and
set protected frames. Handle the same in osi_macsec_init

Bug 3984665

Change-Id: I8bc8aa95d1e21e99e992b471fb70ed58073163f7
Signed-off-by: Sanath Kumar Gampa <sgampa@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/2878515
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
This commit is contained in:
Sanath Kumar Gampa
2023-03-27 12:44:28 +05:30
committed by mobile promotions
parent c6f9d73c58
commit d07b3d604c
4 changed files with 7 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
drivers/net/ethernet/nvidia/nvethernet/ether_linux.c
View File

@@ -6754,14 +6754,6 @@ static int ether_resume(struct ether_priv_data *pdata)
schedule_delayed_work(&pdata->ether_hsi_work,
msecs_to_jiffies(osi_core->hsi.err_time_threshold));
#endif
/* Keep MACSEC also to Resume if MACSEC is supported on this platform */
#ifdef MACSEC_SUPPORT
if (pdata->macsec_pdata && pdata->macsec_pdata->next_supp_idx != OSI_DISABLE) {
ret = macsec_resume(pdata->macsec_pdata);
if (ret < 0)
dev_err(pdata->dev, "Failed to resume MACSEC ");
}
#endif /* MACSEC_SUPPORT */
return 0;
@@ -6794,20 +6786,10 @@ static int ether_suspend_noirq(struct device *dev)
struct osi_dma_priv_data *osi_dma = pdata->osi_dma;
struct osi_ioctl ioctl_data = {};
unsigned int i = 0, chan = 0;
int ret;
if (!netif_running(ndev))
return 0;
/* Keep MACSEC to suspend if MACSEC is supported on this platform */
#ifdef MACSEC_SUPPORT
if (pdata->macsec_pdata && pdata->macsec_pdata->next_supp_idx != OSI_DISABLE) {
ret = macsec_suspend(pdata->macsec_pdata);
if (ret < 0)
dev_err(pdata->dev, "Failed to suspend macsec");
}
#endif /* MACSEC_SUPPORT */
tasklet_kill(&pdata->lane_restart_task);
/* stop workqueue */