diff options
author | Thomas Haller <thaller@redhat.com> | 2019-12-31 14:01:58 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2020-01-09 10:42:32 +0100 |
commit | 1ffdca6331f81122045b9397576378617809b9e1 (patch) | |
tree | 3b2155d70d6eb08590b9efa7732b01ded220651a | |
parent | 14b5627633c7db4fb98e185e3a7cc6e1f01a6134 (diff) | |
download | NetworkManager-1ffdca6331f81122045b9397576378617809b9e1.tar.gz |
platform: implement link_macsec_add via nm_platform_link_add()
-rw-r--r-- | src/platform/nm-linux-platform.c | 82 | ||||
-rw-r--r-- | src/platform/nm-platform.c | 39 | ||||
-rw-r--r-- | src/platform/nm-platform.h | 23 |
3 files changed, 43 insertions, 101 deletions
diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c index 3988248d83..6dbef6d7b2 100644 --- a/src/platform/nm-linux-platform.c +++ b/src/platform/nm-linux-platform.c @@ -3909,6 +3909,32 @@ _nl_msg_new_link_set_linkinfo (struct nl_msg *msg, NLA_PUT_U8 (msg, IFLA_IPTUN_PMTUDISC, !!props->path_mtu_discovery); break; } + case NM_LINK_TYPE_MACSEC: { + const NMPlatformLnkMacsec *props = extra_data; + + nm_assert (props); + + if (!(data = nla_nest_start (msg, IFLA_INFO_DATA))) + goto nla_put_failure; + + if (props->icv_length) + NLA_PUT_U8 (msg, IFLA_MACSEC_ICV_LEN, 16); + if (props->cipher_suite) + NLA_PUT_U64 (msg, IFLA_MACSEC_CIPHER_SUITE, props->cipher_suite); + if (props->replay_protect) + NLA_PUT_U32 (msg, IFLA_MACSEC_WINDOW, props->window); + + NLA_PUT_U64 (msg, IFLA_MACSEC_SCI, htobe64 (props->sci)); + NLA_PUT_U8 (msg, IFLA_MACSEC_ENCODING_SA, props->encoding_sa); + NLA_PUT_U8 (msg, IFLA_MACSEC_ENCRYPT, props->encrypt); + NLA_PUT_U8 (msg, IFLA_MACSEC_PROTECT, props->protect); + NLA_PUT_U8 (msg, IFLA_MACSEC_INC_SCI, props->include_sci); + NLA_PUT_U8 (msg, IFLA_MACSEC_ES, props->es); + NLA_PUT_U8 (msg, IFLA_MACSEC_SCB, props->scb); + NLA_PUT_U8 (msg, IFLA_MACSEC_REPLAY_PROTECT, props->replay_protect); + NLA_PUT_U8 (msg, IFLA_MACSEC_VALIDATION, props->validation); + break; + }; default: nm_assert (!extra_data); break; @@ -7363,61 +7389,6 @@ link_get_dev_id (NMPlatform *platform, int ifindex) } static gboolean -link_macsec_add (NMPlatform *platform, - const char *name, - int parent, - const NMPlatformLnkMacsec *props, - const NMPlatformLink **out_link) -{ - nm_auto_nlmsg struct nl_msg *nlmsg = NULL; - struct nlattr *info; - struct nlattr *data; - - nlmsg = _nl_msg_new_link (RTM_NEWLINK, - NLM_F_CREATE | NLM_F_EXCL, - 0, - name); - if (!nlmsg) - return FALSE; - - NLA_PUT_U32 (nlmsg, IFLA_LINK, parent); - - if (!(info = nla_nest_start (nlmsg, IFLA_LINKINFO))) - goto nla_put_failure; - - NLA_PUT_STRING (nlmsg, IFLA_INFO_KIND, "macsec"); - - if (!(data = nla_nest_start (nlmsg, IFLA_INFO_DATA))) - goto nla_put_failure; - - if (props->icv_length) - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_ICV_LEN, 16); - if (props->cipher_suite) - NLA_PUT_U64 (nlmsg, IFLA_MACSEC_CIPHER_SUITE, props->cipher_suite); - if (props->replay_protect) - NLA_PUT_U32 (nlmsg, IFLA_MACSEC_WINDOW, props->window); - - NLA_PUT_U64 (nlmsg, IFLA_MACSEC_SCI, htobe64 (props->sci)); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_ENCODING_SA, props->encoding_sa); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_ENCRYPT, props->encrypt); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_PROTECT, props->protect); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_INC_SCI, props->include_sci); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_ES, props->es); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_SCB, props->scb); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_REPLAY_PROTECT, props->replay_protect); - NLA_PUT_U8 (nlmsg, IFLA_MACSEC_VALIDATION, props->validation); - - nla_nest_end (nlmsg, data); - nla_nest_end (nlmsg, info); - - return (do_add_link_with_lookup (platform, - NM_LINK_TYPE_MACSEC, - name, nlmsg, out_link) >= 0); -nla_put_failure: - g_return_val_if_reached (FALSE); -} - -static gboolean link_macvlan_add (NMPlatform *platform, const char *name, int parent, @@ -9144,7 +9115,6 @@ nm_linux_platform_class_init (NMLinuxPlatformClass *klass) platform_class->wpan_set_short_addr = wpan_set_short_addr; platform_class->wpan_set_channel = wpan_set_channel; - platform_class->link_macsec_add = link_macsec_add; platform_class->link_macvlan_add = link_macvlan_add; platform_class->link_tun_add = link_tun_add; diff --git a/src/platform/nm-platform.c b/src/platform/nm-platform.c index 831b26cb88..f152f1b2d4 100644 --- a/src/platform/nm-platform.c +++ b/src/platform/nm-platform.c @@ -1244,6 +1244,10 @@ nm_platform_link_add (NMPlatform *self, nm_utils_strbuf_append_str (&buf_p, &buf_len, ", "); nm_platform_lnk_ipip_to_string ((const NMPlatformLnkIpIp *) extra_data, buf_p, buf_len); break; + case NM_LINK_TYPE_MACSEC: + nm_utils_strbuf_append_str (&buf_p, &buf_len, ", "); + nm_platform_lnk_macsec_to_string ((const NMPlatformLnkMacsec *) extra_data, buf_p, buf_len); + break; default: nm_assert (!extra_data); break; @@ -2750,41 +2754,6 @@ nm_platform_link_infiniband_get_properties (NMPlatform *self, } /** - * nm_platform_macsec_add: - * @self: platform instance - * @name: name of the new interface - * @parent: parent link - * @props: interface properties - * @out_link: on success, the link object - * - * Create a MACsec interface. - */ -int -nm_platform_link_macsec_add (NMPlatform *self, - const char *name, - int parent, - const NMPlatformLnkMacsec *props, - const NMPlatformLink **out_link) -{ - int r; - - _CHECK_SELF (self, klass, -NME_BUG); - - g_return_val_if_fail (props, -NME_BUG); - g_return_val_if_fail (name, -NME_BUG); - - r = _link_add_check_existing (self, name, NM_LINK_TYPE_MACSEC, out_link); - if (r < 0) - return r; - - _LOG2D ("adding link %s", nm_platform_lnk_macsec_to_string (props, NULL, 0)); - - if (!klass->link_macsec_add (self, name, parent, props, out_link)) - return -NME_UNSPEC; - return 0; -} - -/** * nm_platform_macvlan_add: * @self: platform instance * @name: name of the new interface diff --git a/src/platform/nm-platform.h b/src/platform/nm-platform.h index 617c5cbe28..03df636f46 100644 --- a/src/platform/nm-platform.h +++ b/src/platform/nm-platform.h @@ -1039,11 +1039,6 @@ typedef struct { gboolean egress_reset_all, const NMVlanQosMapping *egress_map, gsize n_egress_map); - gboolean (*link_macsec_add) (NMPlatform *self, - const char *name, - int parent, - const NMPlatformLnkMacsec *props, - const NMPlatformLink **out_link); gboolean (*link_macvlan_add) (NMPlatform *self, const char *name, int parent, @@ -1493,6 +1488,19 @@ nm_platform_link_ipip_add (NMPlatform *self, return nm_platform_link_add (self, NM_LINK_TYPE_IPIP, name, 0, NULL, 0, props, out_link); } +static inline int +nm_platform_link_macsec_add (NMPlatform *self, + const char *name, + int parent, + const NMPlatformLnkMacsec *props, + const NMPlatformLink **out_link) +{ + g_return_val_if_fail (props, -NME_BUG); + g_return_val_if_fail (parent > 0, -NME_BUG); + + return nm_platform_link_add (self, NM_LINK_TYPE_MACSEC, name, parent, NULL, 0, props, out_link); +} + gboolean nm_platform_link_delete (NMPlatform *self, int ifindex); gboolean nm_platform_link_set_netns (NMPlatform *self, int ifindex, int netns_fd); @@ -1663,11 +1671,6 @@ const struct in6_addr *nm_platform_ip6_address_get_peer (const NMPlatformIP6Addr const NMPlatformIP4Address *nm_platform_ip4_address_get (NMPlatform *self, int ifindex, in_addr_t address, guint8 plen, in_addr_t peer_address); -int nm_platform_link_macsec_add (NMPlatform *self, - const char *name, - int parent, - const NMPlatformLnkMacsec *props, - const NMPlatformLink **out_link); int nm_platform_link_macvlan_add (NMPlatform *self, const char *name, int parent, |