Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag

[RFC net-next v2 0/5] Add MACsec support for TJA11XX C45 PHYs · Radu Pirea (NXP OSS) <hidden> · 2023-08-24
[RFC net-next v2 1/5] net: macsec: documentation for macsec_context and macsec_ops · Radu Pirea (NXP OSS) <hidden> · 2023-08-24
Re: [RFC net-next v2 1/5] net: macsec: documentation for macsec_context and macsec_ops · Antoine Tenart <atenart@kernel.org> · 2023-08-24
[RFC net-next v2 4/5] net: phy: nxp-c45-tja11xx: add MACsec statistics · Radu Pirea (NXP OSS) <hidden> · 2023-08-24
Re: [RFC net-next v2 4/5] net: phy: nxp-c45-tja11xx: add MACsec statistics · Sabrina Dubroca <sd@queasysnail.net> · 2023-08-25
Re: [RFC net-next v2 4/5] net: phy: nxp-c45-tja11xx: add MACsec statistics · Radu Pirea (OSS) <hidden> · 2023-08-25
[RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Radu Pirea (NXP OSS) <hidden> · 2023-08-24
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Simon Horman <horms@kernel.org> · 2023-08-27
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-08-28
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Radu Pirea (OSS) <hidden> · 2023-08-28
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-08-30
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Radu Pirea <hidden> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · "Russell King (Oracle)" <linux@armlinux.org.uk> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Radu Pirea (OSS) <hidden> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · "Russell King (Oracle)" <linux@armlinux.org.uk> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · "Russell King (Oracle)" <linux@armlinux.org.uk> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Radu Pirea (OSS) <hidden> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Radu Pirea (OSS) <hidden> · 2023-09-01
Re: [RFC net-next v2 5/5] net: phy: nxp-c45-tja11xx: implement mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-09-01
[RFC net-next v2 2/5] net: macsec: introduce mdo_insert_tx_tag · Radu Pirea (NXP OSS) <hidden> · 2023-08-24
Re: [RFC net-next v2 2/5] net: macsec: introduce mdo_insert_tx_tag · Sabrina Dubroca <sd@queasysnail.net> · 2023-08-24
Re: [RFC net-next v2 2/5] net: macsec: introduce mdo_insert_tx_tag · Radu Pirea (OSS) <hidden> · 2023-08-25
[RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Radu Pirea (NXP OSS) <hidden> · 2023-08-24
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Sabrina Dubroca <sd@queasysnail.net> · 2023-08-25
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Andrew Lunn <andrew@lunn.ch> · 2023-08-25
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Radu Pirea (OSS) <hidden> · 2023-08-25
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Andrew Lunn <andrew@lunn.ch> · 2023-08-25
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Radu Pirea (OSS) <hidden> · 2023-08-25
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · "Russell King (Oracle)" <linux@armlinux.org.uk> · 2023-08-30
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Sabrina Dubroca <sd@queasysnail.net> · 2023-08-28
Re: [RFC net-next v2 3/5] net: phy: nxp-c45-tja11xx add MACsec support · Simon Horman <horms@kernel.org> · 2023-08-27

From: Radu Pirea (OSS) <hidden>
Date: 2023-08-28 13:47:02
Also in: lkml


On 28.08.2023 13:17, Sabrina Dubroca wrote:

2023-08-24, 12:16:15 +0300, Radu Pirea (NXP OSS) wrote:

quoted

Implement mdo_insert_tx_tag to insert the TLV header in the ethernet
frame.

If extscs parameter is set to 1, then the TLV header will contain the
TX SC that will be used to encrypt the frame, otherwise the TX SC will
be selected using the MAC source address.

In which case would a user choose not to use the SCI? Using the MAC
address is probably fine in basic setups, but having to fiddle with a
module parameter (so unloading and reloading the module, which means
losing network connectivity) to make things work when the setup
evolves is really not convenient.

Is there a drawback to always using the SCI?

I see your concern. If the PHY driver is reloaded, then the offloaded 
MACsec configuration will vanish from the hardware. Actually, just a 
call to phy_disconnect is enough to break an offloaded MACsec iface and 
can be achieved by:
ip link set eth0 down && ip link set eth0 up

The only drawback is related to the PTP frames encryption. Due to 
hardware limitations, PHY timestamping + MACsec will not work if the 
custom header is inserted. The only way to get this work is by using the 
MAC SA selection and running PTP on the real netdev.


-- 
Radu P.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help