This uses libnl3 to communicate with the macsec module available on Linux. A recent enough version of libnl is needed for the hardware offload support. Signed-off-by: Emeel Hakim <ehakim@xxxxxxxxxx> --- src/drivers/driver_macsec_linux.c | 34 +++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/src/drivers/driver_macsec_linux.c b/src/drivers/driver_macsec_linux.c index b609bbf38..ac34d7ed9 100644 --- a/src/drivers/driver_macsec_linux.c +++ b/src/drivers/driver_macsec_linux.c @@ -73,6 +73,9 @@ struct macsec_drv_data { bool replay_protect; bool replay_protect_set; + enum macsec_offload offload; + bool offload_set; + u32 replay_window; u8 encoding_sa; @@ -228,6 +231,14 @@ static int try_commit(struct macsec_drv_data *drv) drv->replay_window); } + if (drv->offload_set) { + wpa_printf(MSG_DEBUG, DRV_PREFIX + "%s: try_commit offload=%d", + drv->ifname, drv->offload); + rtnl_link_macsec_set_offload(drv->link, + drv->offload); + } + if (drv->encoding_sa_set) { wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: try_commit encoding_sa=%d", @@ -455,6 +466,28 @@ static int macsec_drv_set_replay_protect(void *priv, bool enabled, } +/** + * macsec_drv_set_offload - Set offload status + * @priv: Private driver interface data + * @offload: 0 = MACSEC_OFFLOAD_OFF + * 1 = MACSEC_OFFLOAD_PHY + * 2 = MACSEC_OFFLOAD_MAC + * Returns: 0 on success, -1 on failure (or if not supported) + */ +static int macsec_drv_set_offload(void *priv, u8 offload) +{ + struct macsec_drv_data *drv = priv; + + + wpa_printf(MSG_DEBUG, "%s -> %02" PRIx8, __func__, offload); + + drv->offload_set = true; + drv->offload = offload; + + return try_commit(drv); +} + + /** * macsec_drv_set_current_cipher_suite - Set current cipher suite * @priv: Private driver interface data @@ -1648,6 +1681,7 @@ const struct wpa_driver_ops wpa_driver_macsec_linux_ops = { .enable_protect_frames = macsec_drv_enable_protect_frames, .enable_encrypt = macsec_drv_enable_encrypt, .set_replay_protect = macsec_drv_set_replay_protect, + .set_offload = macsec_drv_set_offload, .set_current_cipher_suite = macsec_drv_set_current_cipher_suite, .enable_controlled_port = macsec_drv_enable_controlled_port, .get_receive_lowest_pn = macsec_drv_get_receive_lowest_pn, -- 2.21.3 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap