Hi,
> +struct macsec_rx_sa_stats {
> + __u32 InPktsOK;
> + __u32 InPktsInvalid;
> + __u32 InPktsNotValid;
> + __u32 InPktsNotUsingSA;
> + __u32 InPktsUnusedSA;
> +};
> +
> +struct macsec_tx_sa_stats {
> + __u32 OutPktsProtected;
> + __u32 OutPktsEncrypted;
> +};
Just noticed this: is there a particular reason for using only __u32
here? The others all seem to use __u64.
> +static int macsec_dump_txsc(struct sk_buff *skb, struct
> netlink_callback *cb)
> +{
> + struct net *net = sock_net(skb->sk);
> + struct net_device *dev;
> + int dev_idx, d;
> +
> + dev_idx = cb->args[0];
> +
> + d = 0;
> + for_each_netdev(net, dev) {
> + struct macsec_secy *secy;
> +
> + if (d < dev_idx)
> + goto next;
> +
> + if (!netif_is_macsec(dev))
> + goto next;
> +
> + secy = &macsec_priv(dev)->secy;
> + if (dump_secy(secy, dev, skb, cb) < 0)
> + goto done;
> +next:
> + d++;
> + }
> +
> +done:
> + cb->args[0] = d;
> + return skb->len;
> +}
Maybe you should consider adding genl_dump_check_consistent() support
here, so userspace can figure out if the dump was really consistent, if
necessary.
To do this, you have to keep a global generation counter that changes
whenever this list changes (adding/removing macsec interfaces, I think)
and then set
cb->seq = macsec_generation_counter;
at the beginning of this function, and call
genl_dump_check_consistent() for each message in the loop.
Btw, aren't you missing locking here for for_each_netdev()?
johannes
