psp: add crypt-offset and spi-threshold attributes

[PATCH net-next 0/3] psp: add crypt-offset and spi-threshold attributes

Posted by Akhilesh Samineni 2 months ago

This series introduces two new configurable per-device attributes to
the PSP (PSP Security Protocol) subsystem: crypt-offset and spi-threshold.

crypt-offset (Crypt Offset)
----------------------------------
The crypt-offset attribute specifies the byte offset within a packet from
which encryption begins. A non-zero value allows a fixed-size portion of
the packet header to remain in plaintext, which is useful where
intermediate network nodes need to inspect a well-known header before the
encrypted region. The default value is 0, meaning encryption starts
immediately after the PSP header.

spi-threshold (SPI Threshold)
-------------------------------
SPI values are allocated monotonically from a 32-bit per-device space.
The spi-threshold attribute lets userspace configure the SPI value at
which rotation should be triggered before the space is exhausted.

A named constant PSP_SPI_THRESHOLD_DEFAULT (~90% of 0x7FFFFFFF) is
introduced in include/net/psp/types.h as the single authoritative
definition, used by both the PSP core (psp_main.c) and the netdevsim
driver (psp.c). This avoids scattering the magic value across drivers.

A follow-up series will add netlink notification support to alert
subscribed listeners when the configured spi-threshold is reached,
enabling timely SPI rotation.

Akhilesh Samineni (3):
  psp: add crypt-offset and spi-threshold get/set attributes
  netdevsim: psp: handle the new crypt-offset and spi-threshold get/set operations
  selftests: net: psp: add crypt-offset and spi-threshold test cases

 Documentation/netlink/specs/psp.yaml       | 13 +++++++++
 drivers/net/netdevsim/netdevsim.h          |  2 ++
 drivers/net/netdevsim/psp.c                |  6 ++++
 include/net/psp/types.h                    |  7 +++++
 include/uapi/linux/psp.h                   |  2 ++
 net/psp/psp-nl-gen.c                       |  6 ++--
 net/psp/psp_main.c                         |  3 ++
 net/psp/psp_nl.c                           | 27 +++++++++++++++---
 tools/testing/selftests/drivers/net/psp.py | 32 +++++++++++++++++++++++
 9 files changed, 92 insertions(+), 6 deletions(-)

-- 
2.45.4

Re: [PATCH net-next 0/3] psp: add crypt-offset and spi-threshold attributes

Posted by Jakub Kicinski 2 months ago

On Mon,  6 Apr 2026 15:23:02 -0700 Akhilesh Samineni wrote:
> This series introduces two new configurable per-device attributes to
> the PSP (PSP Security Protocol) subsystem: crypt-offset and spi-threshold.

Please read this document:
https://www.kernel.org/doc/html/next/process/maintainer-netdev.html
-- 
pw-bot: cr

Re: [PATCH net-next 0/3] psp: add crypt-offset and spi-threshold attributes

Posted by Akhilesh Samineni 2 months ago

On Tue, Apr 7, 2026 at 6:44 AM Jakub Kicinski <kuba@kernel.org> wrote:
>
> On Mon,  6 Apr 2026 15:23:02 -0700 Akhilesh Samineni wrote:
> > This series introduces two new configurable per-device attributes to
> > the PSP (PSP Security Protocol) subsystem: crypt-offset and spi-threshold.
>
> Please read this document:
> https://www.kernel.org/doc/html/next/process/maintainer-netdev.html
> --

Thank you for the link. I have reviewed the netdev process documentation.
I’ve ensured my patches pass checkpatch and include the correct maintainers.

> pw-bot: cr

Re: [PATCH net-next 0/3] psp: add crypt-offset and spi-threshold attributes

Posted by Jakub Kicinski 2 months ago

On Tue, 7 Apr 2026 21:09:38 +0530 Akhilesh Samineni wrote:
> > Please read this document:
> > https://www.kernel.org/doc/html/next/process/maintainer-netdev.html
> 
> Thank you for the link. I have reviewed the netdev process documentation.

It is one thing to make an unknowing mistake and another thing
to ignore someone asking you to read the documentation.
Please read the doc top to bottom and tell your entire team to read it.

Re: [PATCH net-next 0/3] psp: add crypt-offset and spi-threshold attributes

Posted by Akhilesh Samineni 2 months ago

On Wed, Apr 8, 2026 at 6:39 AM Jakub Kicinski <kuba@kernel.org> wrote:
>
> On Tue, 7 Apr 2026 21:09:38 +0530 Akhilesh Samineni wrote:
> > > Please read this document:
> > > https://www.kernel.org/doc/html/next/process/maintainer-netdev.html
> >
> > Thank you for the link. I have reviewed the netdev process documentation.
>
> It is one thing to make an unknowing mistake and another thing
> to ignore someone asking you to read the documentation.
> Please read the doc top to bottom and tell your entire team to read it.

Hi Jakub, Daniel,

My apologies. I missed the requirement in the documentation regarding
the necessity of a real driver implementation alongside netdevsim for
new APIs.

I will submit the next version of the patch after the PSP driver is upstreamed.

Re: [PATCH net-next 0/3] psp: add crypt-offset and spi-threshold attributes

Posted by Daniel Zahka 2 months ago

On 4/7/26 11:39 AM, Akhilesh Samineni wrote:
> On Tue, Apr 7, 2026 at 6:44 AM Jakub Kicinski <kuba@kernel.org> wrote:
>> On Mon,  6 Apr 2026 15:23:02 -0700 Akhilesh Samineni wrote:
>>> This series introduces two new configurable per-device attributes to
>>> the PSP (PSP Security Protocol) subsystem: crypt-offset and spi-threshold.
>> Please read this document:
>> https://www.kernel.org/doc/html/next/process/maintainer-netdev.html
>> --
> Thank you for the link. I have reviewed the netdev process documentation.
> I’ve ensured my patches pass checkpatch and include the correct maintainers.


Hi Akhilesh. There's a sentence in the netdevsim section of that 
document that is problematic for the series as it is currently: 
"netdevsim in itself is not considered a use case/user. You must also 
implement the new APIs in a real driver."