drivers/net/macsec.c
Source file repositories/reference/linux-study-clean/drivers/net/macsec.c
File Facts
- System
- Linux kernel
- Corpus path
drivers/net/macsec.c- Extension
.c- Size
- 114623 bytes
- Lines
- 4564
- Domain
- Driver Families
- Bucket
- drivers/net
- Inferred role
- Driver Families: operation-table or driver-model contract
- Status
- pattern implementation candidate
Why This File Exists
Repeatable hardware-adapter layer. Deep compatibility for every driver is out of scope; this atlas records patterns, probe lifecycles, bus glue, IRQ/DMA usage, and links back to core abstractions.
- Repeatable hardware-adapter layer. Deep compatibility for every driver is out of scope; this atlas records patterns, probe lifecycles, bus glue, IRQ/DMA usage, and links back to core abstractions.
- Defines an operation table; this is where Linux turns generic core objects into subsystem-specific behavior.
- Uses kernel synchronization; read lock ordering, sleepability, and interrupt context assumptions before translating.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/types.hlinux/skbuff.hlinux/socket.hlinux/module.hcrypto/aead.hlinux/etherdevice.hlinux/netdevice.hlinux/rtnetlink.hlinux/refcount.hnet/genetlink.hnet/sock.hnet/gro_cells.hnet/macsec.hnet/dst_metadata.hnet/netdev_lock.hlinux/phy.hlinux/byteorder/generic.hlinux/if_arp.huapi/linux/if_macsec.h
Detected Declarations
struct macsec_eth_headerstruct gcm_iv_xpnstruct gcm_ivstruct pcpu_secy_statsstruct macsec_devstruct macsec_rxh_datastruct macsec_cbfunction free_rx_sc_rcufunction macsec_rxsc_putfunction free_rxsa_workfunction macsec_rxsa_putfunction free_txsa_workfunction macsec_txsa_putfunction make_scifunction macsec_active_scifunction macsec_frame_scifunction macsec_sectag_lenfunction macsec_hdr_lenfunction macsec_extra_lenfunction macsec_fill_sectagfunction macsec_set_shortlenfunction macsec_is_offloadedfunction macsec_check_offloadfunction macsec_validate_skbfunction macsec_fill_iv_xpnfunction macsec_fill_ivfunction __macsec_pn_wrappedfunction macsec_pn_wrappedfunction tx_sa_update_pnfunction macsec_encrypt_finishfunction macsec_msdu_lenfunction macsec_count_txfunction count_txfunction macsec_encrypt_donefunction macsec_post_decryptfunction macsec_reset_skbfunction macsec_finalize_skbfunction count_rxfunction macsec_decrypt_donefunction for_each_rxscfunction for_each_rxsc_rtnlfunction handle_not_macsecfunction list_for_each_entry_rcufunction macsec_handle_framefunction list_for_each_entry_rcufunction list_for_each_entry_rcufunction init_rx_safunction clear_rx_sa
Annotated Snippet
static const struct net_device_ops macsec_netdev_ops = {
.ndo_init = macsec_dev_init,
.ndo_uninit = macsec_dev_uninit,
.ndo_open = macsec_dev_open,
.ndo_stop = macsec_dev_stop,
.ndo_fix_features = macsec_fix_features,
.ndo_change_mtu = macsec_change_mtu,
.ndo_set_rx_mode = macsec_dev_set_rx_mode,
.ndo_change_rx_flags = macsec_dev_change_rx_flags,
.ndo_set_mac_address = macsec_set_mac_address,
.ndo_vlan_rx_add_vid = macsec_vlan_rx_add_vid,
.ndo_vlan_rx_kill_vid = macsec_vlan_rx_kill_vid,
.ndo_start_xmit = macsec_start_xmit,
.ndo_get_stats64 = macsec_get_stats64,
.ndo_get_iflink = macsec_get_iflink,
};
static const struct device_type macsec_type = {
.name = "macsec",
};
static int validate_cipher_suite(const struct nlattr *attr,
struct netlink_ext_ack *extack);
static const struct nla_policy macsec_rtnl_policy[IFLA_MACSEC_MAX + 1] = {
[IFLA_MACSEC_SCI] = { .type = NLA_U64 },
[IFLA_MACSEC_PORT] = { .type = NLA_U16 },
[IFLA_MACSEC_ICV_LEN] = NLA_POLICY_RANGE(NLA_U8, MACSEC_MIN_ICV_LEN, MACSEC_STD_ICV_LEN),
[IFLA_MACSEC_CIPHER_SUITE] = NLA_POLICY_VALIDATE_FN(NLA_U64, validate_cipher_suite),
[IFLA_MACSEC_WINDOW] = { .type = NLA_U32 },
[IFLA_MACSEC_ENCODING_SA] = NLA_POLICY_MAX(NLA_U8, MACSEC_NUM_AN - 1),
[IFLA_MACSEC_ENCRYPT] = NLA_POLICY_MAX(NLA_U8, 1),
[IFLA_MACSEC_PROTECT] = NLA_POLICY_MAX(NLA_U8, 1),
[IFLA_MACSEC_INC_SCI] = NLA_POLICY_MAX(NLA_U8, 1),
[IFLA_MACSEC_ES] = NLA_POLICY_MAX(NLA_U8, 1),
[IFLA_MACSEC_SCB] = NLA_POLICY_MAX(NLA_U8, 1),
[IFLA_MACSEC_REPLAY_PROTECT] = NLA_POLICY_MAX(NLA_U8, 1),
[IFLA_MACSEC_VALIDATION] = NLA_POLICY_MAX(NLA_U8, MACSEC_VALIDATE_MAX),
[IFLA_MACSEC_OFFLOAD] = NLA_POLICY_MAX(NLA_U8, MACSEC_OFFLOAD_MAX),
};
static void macsec_free_netdev(struct net_device *dev)
{
struct macsec_dev *macsec = macsec_priv(dev);
dst_release(&macsec->secy.tx_sc.md_dst->dst);
free_percpu(macsec->stats);
free_percpu(macsec->secy.tx_sc.stats);
/* Get rid of the macsec's reference to real_dev */
netdev_put(macsec->real_dev, &macsec->dev_tracker);
}
static void macsec_setup(struct net_device *dev)
{
ether_setup(dev);
dev->min_mtu = 0;
dev->max_mtu = ETH_MAX_MTU;
dev->priv_flags |= IFF_NO_QUEUE | IFF_UNICAST_FLT;
dev->netdev_ops = &macsec_netdev_ops;
dev->needs_free_netdev = true;
dev->priv_destructor = macsec_free_netdev;
SET_NETDEV_DEVTYPE(dev, &macsec_type);
eth_zero_addr(dev->broadcast);
}
static int macsec_changelink_common(struct net_device *dev,
struct nlattr *data[])
{
struct macsec_secy *secy;
struct macsec_tx_sc *tx_sc;
secy = &macsec_priv(dev)->secy;
tx_sc = &secy->tx_sc;
if (data[IFLA_MACSEC_ENCODING_SA]) {
struct macsec_tx_sa *tx_sa;
tx_sc->encoding_sa = nla_get_u8(data[IFLA_MACSEC_ENCODING_SA]);
tx_sa = rtnl_dereference(tx_sc->sa[tx_sc->encoding_sa]);
secy->operational = tx_sa && tx_sa->active;
}
if (data[IFLA_MACSEC_ENCRYPT])
tx_sc->encrypt = !!nla_get_u8(data[IFLA_MACSEC_ENCRYPT]);
if (data[IFLA_MACSEC_PROTECT])
secy->protect_frames = !!nla_get_u8(data[IFLA_MACSEC_PROTECT]);
Annotation
- Immediate include surface: `linux/types.h`, `linux/skbuff.h`, `linux/socket.h`, `linux/module.h`, `crypto/aead.h`, `linux/etherdevice.h`, `linux/netdevice.h`, `linux/rtnetlink.h`.
- Detected declarations: `struct macsec_eth_header`, `struct gcm_iv_xpn`, `struct gcm_iv`, `struct pcpu_secy_stats`, `struct macsec_dev`, `struct macsec_rxh_data`, `struct macsec_cb`, `function free_rx_sc_rcu`, `function macsec_rxsc_put`, `function free_rxsa_work`.
- Atlas domain: Driver Families / drivers/net.
- Implementation status: pattern implementation candidate.
- Synchronization appears in or near this file; preserve lock ordering, sleepability, and interrupt-context constraints.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.