From nobody Sun Feb 8 06:56:42 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4642FEB64D9 for ; Thu, 15 Jun 2023 11:21:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343522AbjFOLVH (ORCPT ); Thu, 15 Jun 2023 07:21:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44364 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234125AbjFOLVE (ORCPT ); Thu, 15 Jun 2023 07:21:04 -0400 X-Greylist: delayed 463 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Thu, 15 Jun 2023 04:21:02 PDT Received: from ultron (136.red-2-136-200.staticip.rima-tde.net [2.136.200.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 9D1072686; Thu, 15 Jun 2023 04:21:02 -0700 (PDT) Received: from localhost.localdomain (localhost [127.0.0.1]) by ultron (Postfix) with ESMTP id C944D1AC01E3; Thu, 15 Jun 2023 13:13:17 +0200 (CEST) From: carlos.fernandez@technica-engineering.de To: carlos.fernandez@technica-engineering.de, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] net: macsec SCI assignment for ES = 0 Date: Thu, 15 Jun 2023 13:13:15 +0200 Message-Id: <20230615111315.6072-1-carlos.fernandez@technica-engineering.de> X-Mailer: git-send-email 2.17.1 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Carlos Fernandez According to 802.1AE standard, when ES and SC flags in TCI are zero, used SCI should be the current active SC_RX. Current kernel does not implement it and uses the header MAC address. Without this patch, when ES =3D 0 (using a bridge or switch), header MAC will not fit the SCI and MACSec frames will be discarted. Signed-off-by: Carlos Fernandez --- drivers/net/macsec.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index 3427993f94f7..ea9b15d555f4 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -256,16 +256,32 @@ static sci_t make_sci(const u8 *addr, __be16 port) return sci; } =20 -static sci_t macsec_frame_sci(struct macsec_eth_header *hdr, bool sci_pres= ent) +static sci_t macsec_frame_sci(struct macsec_eth_header *hdr, bool sci_pres= ent, + struct macsec_rxh_data *rxd) { + struct macsec_dev *macsec_device; sci_t sci; - + /* SC =3D 1*/ if (sci_present) memcpy(&sci, hdr->secure_channel_id, - sizeof(hdr->secure_channel_id)); - else + sizeof(hdr->secure_channel_id)); + /* SC =3D 0; ES =3D 0*/ + else if (0 =3D=3D (hdr->tci_an & (MACSEC_TCI_ES | MACSEC_TCI_SC))) { + list_for_each_entry_rcu(macsec_device, &rxd->secys, secys) { + struct macsec_rx_sc *rx_sc; + struct macsec_secy *secy =3D &macsec_device->secy; + + for_each_rxsc(secy, rx_sc) { + rx_sc =3D rx_sc ? macsec_rxsc_get(rx_sc) : NULL; + if (rx_sc && rx_sc->active) { + sci =3D rx_sc->sci; + return sci; + } + } + } + } else { sci =3D make_sci(hdr->eth.h_source, MACSEC_PORT_ES); - + } return sci; } =20 @@ -1150,11 +1166,11 @@ static rx_handler_result_t macsec_handle_frame(stru= ct sk_buff **pskb) =20 macsec_skb_cb(skb)->has_sci =3D !!(hdr->tci_an & MACSEC_TCI_SC); macsec_skb_cb(skb)->assoc_num =3D hdr->tci_an & MACSEC_AN_MASK; - sci =3D macsec_frame_sci(hdr, macsec_skb_cb(skb)->has_sci); =20 rcu_read_lock(); rxd =3D macsec_data_rcu(skb->dev); =20 + sci =3D macsec_frame_sci(hdr, macsec_skb_cb(skb)->has_sci, rxd); list_for_each_entry_rcu(macsec, &rxd->secys, secys) { struct macsec_rx_sc *sc =3D find_rx_sc(&macsec->secy, sci); =20 --=20 2.34.1