nv-tegra-mirror/linux-nv-oot
1
0
Fork 0
mirror of git://nv-tegra.nvidia.com/linux-nv-oot.git synced 2025-12-22 17:25:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

nvethernet: Generate Hkey based on SAK

Browse Source 
- Remove restriction to allow multicast addresses to be added to byp_lut
and sci_lut
- Also update the usage of macsec_enable node to enable/disable both Tx
and Rx traffic
- Fix the issue of generating same Hkey for differet SAK by moving the Hey
key generation logic post obtaining SAK

Bug 4715173
Bug 4715001

Change-Id: I7d3088a1f58203a474b659c7197bacc05e8510dd
Signed-off-by: Sanath Kumar Gampa <sgampa@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nv-oot/+/3164153
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
This commit is contained in:
Sanath Kumar Gampa
2024-06-27 05:37:48 +00:00
committed by mobile promotions
parent beb276a468
commit d5ff462449
1 changed files with 10 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
drivers/net/ethernet/nvidia/nvethernet/sysfs.c
View File

@@ -346,7 +346,7 @@ static ssize_t macsec_enable_store(struct device *dev,
ret = macsec_open(macsec_pdata, OSI_NULL); ret = macsec_open(macsec_pdata, OSI_NULL);
} else { } else {
dev_err(pdata->dev, dev_err(pdata->dev,
"Invalid. Valid inputs are 0/tx/rx/txrx\n"); "Invalid. Valid inputs are 0/txrx\n");
} }
return size; return size;
@@ -715,11 +715,6 @@ static int parse_inputs(const char *buf,
byte[i] = (unsigned char)temp3[i]; byte[i] = (unsigned char)temp3[i];
} }
if (mac_da_valid && !is_valid_ether_addr(mac_da)) {
pr_err("%s: Invalid mac DA\n", __func__);
goto err;
}
if (mac_sa_valid && !is_valid_ether_addr(mac_sa)) { if (mac_sa_valid && !is_valid_ether_addr(mac_sa)) {
pr_err("%s: Invalid mac SA\n", __func__); pr_err("%s: Invalid mac SA\n", __func__);
goto err; goto err;
@@ -1876,6 +1871,15 @@ static ssize_t macsec_kt_store(struct device *dev,
kt_config.table_config.rw = OSI_LUT_WRITE; kt_config.table_config.rw = OSI_LUT_WRITE;
kt_config.table_config.index = index; kt_config.table_config.index = index;
for (i = 0; i < OSI_KEY_LEN_128; i++) {
sak[i] = (unsigned char)temp[i];
}
if (key256bit == 1) {
for (i = OSI_KEY_LEN_128; i < OSI_KEY_LEN_256; i++) {
sak[i] = (unsigned char)temp[i];
}
}
/* HKEY GENERATION */ /* HKEY GENERATION */
tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC); tfm = crypto_alloc_cipher("aes", 0, CRYPTO_ALG_ASYNC);
if (crypto_cipher_setkey(tfm, sak, OSI_KEY_LEN_128)) { if (crypto_cipher_setkey(tfm, sak, OSI_KEY_LEN_128)) {
@@ -1886,15 +1890,6 @@ static ssize_t macsec_kt_store(struct device *dev,
crypto_cipher_encrypt_one(tfm, hkey, zeros); crypto_cipher_encrypt_one(tfm, hkey, zeros);
crypto_free_cipher(tfm); crypto_free_cipher(tfm);
for (i = 0; i < OSI_KEY_LEN_128; i++) {
sak[i] = (unsigned char)temp[i];
}
if (key256bit == 1) {
for (i = OSI_KEY_LEN_128; i < OSI_KEY_LEN_256; i++) {
sak[i] = (unsigned char)temp[i];
}
}
for (i = 0; i < OSI_KEY_LEN_128; i++) { for (i = 0; i < OSI_KEY_LEN_128; i++) {
kt_config.entry.h[i] = hkey[OSI_KEY_LEN_128 - 1 - i]; kt_config.entry.h[i] = hkey[OSI_KEY_LEN_128 - 1 - i];
} }