Supporting Hardware offload capability for MACsec

[thaller@redhat.com: adjust libnl-route-3.sym file] https://github.com/thom311/libnl/pull/300
author: Johan Alexis Duque Cadena <johan.duque@technica-engineering.de> 2021-11-26 18:18:57 (GMT)
committer: Thomas Haller <thaller@redhat.com> 2022-03-03 11:53:33 (GMT)
commit: b6cc13d76b2927640dc0e41b98fff0f211c643d4 (patch)
tree: bdad2853c3f0589c575133e5b35e4de0cc2362cd
parent: 39944c67dc6f59b3ec1f291c7febad6abbb4e9bd (diff)
download: libnl-b6cc13d76b2927640dc0e41b98fff0f211c643d4.zip
libnl-b6cc13d76b2927640dc0e41b98fff0f211c643d4.tar.gz
libnl-b6cc13d76b2927640dc0e41b98fff0f211c643d4.tar.bz2
4 files changed, 50 insertions, 1 deletions
diff --git a/include/linux-private/linux/if_link.h b/include/linux-private/linux/if_link.h
index f4a9715..47ccf7f 100644
--- a/include/linux-private/linux/if_link.h
+++ b/include/linux-private/linux/if_link.h
@@ -455,6 +455,7 @@ enum {
 	IFLA_MACSEC_REPLAY_PROTECT,
 	IFLA_MACSEC_VALIDATION,
 	IFLA_MACSEC_PAD,
+	IFLA_MACSEC_OFFLOAD,
 	__IFLA_MACSEC_MAX,
 };
 
diff --git a/include/netlink/route/link/macsec.h b/include/netlink/route/link/macsec.h
index 69344fb..3139b47 100644
--- a/include/netlink/route/link/macsec.h
+++ b/include/netlink/route/link/macsec.h
@@ -37,6 +37,9 @@ int rtnl_link_macsec_get_protect(struct rtnl_link *, uint8_t *);
 int rtnl_link_macsec_set_encrypt(struct rtnl_link *, uint8_t);
 int rtnl_link_macsec_get_encrypt(struct rtnl_link *, uint8_t *);
 
+int rtnl_link_macsec_set_offload(struct rtnl_link *, uint8_t);
+int rtnl_link_macsec_get_offload(struct rtnl_link *, uint8_t *);
+
 int rtnl_link_macsec_set_encoding_sa(struct rtnl_link *, uint8_t);
 int rtnl_link_macsec_get_encoding_sa(struct rtnl_link *, uint8_t *);
 
diff --git a/lib/route/link/macsec.c b/lib/route/link/macsec.c
index baa2620..4d26673 100644
--- a/lib/route/link/macsec.c
+++ b/lib/route/link/macsec.c
@@ -41,6 +41,7 @@
 #define MACSEC_ATTR_REPLAY_PROTECT	(1 << 10)
 #define MACSEC_ATTR_VALIDATION		(1 << 11)
 #define MACSEC_ATTR_PORT		(1 << 12)
+#define MACSEC_ATTR_OFFLOAD		(1 << 13)
 
 struct macsec_info {
 	int ifindex;
@@ -52,7 +53,7 @@ struct macsec_info {
 	enum macsec_validation_type validate;
 	uint8_t encoding_sa;
 
-	uint8_t send_sci, end_station, scb, replay_protect, protect, encrypt;
+	uint8_t send_sci, end_station, scb, replay_protect, protect, encrypt, offload;
 
 	uint32_t ce_mask;
 };
@@ -74,6 +75,7 @@ static struct nla_policy macsec_policy[IFLA_MACSEC_MAX+1] = {
 	[IFLA_MACSEC_SCB] = { .type = NLA_U8 },
 	[IFLA_MACSEC_REPLAY_PROTECT] = { .type = NLA_U8 },
 	[IFLA_MACSEC_VALIDATION] = { .type = NLA_U8 },
+	[IFLA_MACSEC_OFFLOAD] = { .type = NLA_U8 },
 };
 
 /**
@@ -158,6 +160,11 @@ static int macsec_parse(struct rtnl_link *link, struct nlattr *data,
 		info->ce_mask |= MACSEC_ATTR_ENCRYPT;
 	}
 
+	if (tb[IFLA_MACSEC_OFFLOAD]) {
+		info->offload = nla_get_u8(tb[IFLA_MACSEC_OFFLOAD]);
+		info->ce_mask |= MACSEC_ATTR_OFFLOAD;
+	}
+
 	if (tb[IFLA_MACSEC_INC_SCI]) {
 		info->send_sci = nla_get_u8(tb[IFLA_MACSEC_INC_SCI]);
 		info->ce_mask |= MACSEC_ATTR_INC_SCI;
@@ -306,6 +313,9 @@ static int macsec_put_attrs(struct nl_msg *msg, struct rtnl_link *link)
 	if ((info->ce_mask & MACSEC_ATTR_ENCRYPT))
 		NLA_PUT_U8(msg, IFLA_MACSEC_ENCRYPT, info->encrypt);
 
+	if ((info->ce_mask & MACSEC_ATTR_OFFLOAD))
+		NLA_PUT_U8(msg, IFLA_MACSEC_OFFLOAD, info->offload);
+
 	if (info->cipher_suite != MACSEC_DEFAULT_CIPHER_ID || info->icv_len != DEFAULT_ICV_LEN) {
 		NLA_PUT_U64(msg, IFLA_MACSEC_CIPHER_SUITE, info->cipher_suite);
 		NLA_PUT_U8(msg, IFLA_MACSEC_ICV_LEN, info->icv_len);
@@ -632,6 +642,36 @@ int rtnl_link_macsec_get_encrypt(struct rtnl_link *link, uint8_t *encrypt)
 	return 0;
 }
 
+int rtnl_link_macsec_set_offload(struct rtnl_link *link, uint8_t offload)
+{
+	struct macsec_info *info = link->l_info;
+
+	IS_MACSEC_LINK_ASSERT(link);
+
+	if (offload > 1)
+		return -NLE_INVAL;
+
+	info->offload = offload;
+	info->ce_mask |= MACSEC_ATTR_OFFLOAD;
+
+	return 0;
+}
+
+int rtnl_link_macsec_get_offload(struct rtnl_link *link, uint8_t *offload)
+{
+	struct macsec_info *info = link->l_info;
+
+	IS_MACSEC_LINK_ASSERT(link);
+
+	if (!(info->ce_mask & MACSEC_ATTR_OFFLOAD))
+		return -NLE_NOATTR;
+
+	if (offload)
+		*offload = info->offload;
+
+	return 0;
+}
+
 int rtnl_link_macsec_set_encoding_sa(struct rtnl_link *link, uint8_t encoding_sa)
 {
 	struct macsec_info *info = link->l_info;
diff --git a/libnl-route-3.sym b/libnl-route-3.sym
index 4a65503..584dd5a 100644
--- a/libnl-route-3.sym
+++ b/libnl-route-3.sym
@@ -1150,3 +1150,8 @@ global:
 	rtnl_vlan_set_vlan_id;
 	rtnl_vlan_set_vlan_prio;
 } libnl_3_4;
+
+libnl_3_6 {
+	rtnl_link_macsec_set_offload;
+	rtnl_link_macsec_get_offload;
+} libnl_3_5;
author	Johan Alexis Duque Cadena <johan.duque@technica-engineering.de>	2021-11-26 18:18:57 (GMT)
committer	Thomas Haller <thaller@redhat.com>	2022-03-03 11:53:33 (GMT)
commit	b6cc13d76b2927640dc0e41b98fff0f211c643d4 (patch)
tree	bdad2853c3f0589c575133e5b35e4de0cc2362cd
parent	39944c67dc6f59b3ec1f291c7febad6abbb4e9bd (diff)
download	libnl-b6cc13d76b2927640dc0e41b98fff0f211c643d4.zip libnl-b6cc13d76b2927640dc0e41b98fff0f211c643d4.tar.gz libnl-b6cc13d76b2927640dc0e41b98fff0f211c643d4.tar.bz2