[{"id":1753983,"web_url":"http://patchwork.ozlabs.org/comment/1753983/","msgid":"<20170822141627.GB11932@bistromath.localdomain>","list_archive_url":null,"date":"2017-08-22T14:16:27","subject":"Re: [PATCH 1/1] macsec_linux: exit early when missing macsec kernel\n\tmodule","submitter":{"id":47767,"url":"http://patchwork.ozlabs.org/api/people/47767/","name":"Sabrina Dubroca","email":"sd@queasysnail.net"},"content":"Hello Michael,\n\n2017-08-18, 19:44:20 +0200, Michael Braun wrote:\n> Using driver macsec_linux makes no sense without macsec kernel module loaded.\n> \n> Signed-off-by: Michael Braun \n> ---\n> src/drivers/driver_macsec_linux.c | 35 +++++++++++++++++++++++++++++++++++\n> 1 file changed, 35 insertions(+)\n> \n> diff --git a/src/drivers/driver_macsec_linux.c b/src/drivers/driver_macsec_linux.c\n> index 0694e60..df2197b 100644\n> --- a/src/drivers/driver_macsec_linux.c\n> +++ b/src/drivers/driver_macsec_linux.c\n> @@ -234,10 +234,45 @@ static void macsec_drv_wpa_deinit(void *priv)\n> }\n> \n> \n> +static int macsec_check_macsec()\n> +{\n> +\tstruct nl_sock *sk;\n> +\tint err = -1;\n> +\n> +\tsk = nl_socket_alloc();\n> +\tif (!sk) {\n> +\t\twpa_printf(MSG_ERROR, DRV_PREFIX \"failed to alloc genl socket\");\n> +\t\treturn -1;\n> +\t}\n> +\n> +\tif (genl_connect(sk) < 0) {\n> +\t\twpa_printf(MSG_ERROR,\n> +\t\t\t DRV_PREFIX \"connection to genl socket failed\");\n> +\t\tgoto out_free;\n> +\t}\n> +\n> +\tint macsec_genl_id = genl_ctrl_resolve(sk, \"macsec\");\n\nI'm not sure what version of the C standard hostap follows, but I\ndon't remember seeing mixed declarations and code.\n\n\n> +\tif (macsec_genl_id < 0) {\n> +\t\twpa_printf(MSG_ERROR, DRV_PREFIX \"genl resolve failed\");\n> +\t\tgoto out_free;\n> +\t}\n> +\n> +\terr = 0;\n> +\n> +out_free:\n> +\tnl_socket_free(sk);\n> +\treturn err;\n> +}\n> +\n> static void * macsec_drv_wpa_init(void *ctx, const char *ifname)\n> {\n> \tstruct macsec_drv_data *drv;\n> \n> +\tif (macsec_check_macsec() < 0) {\n> +\t\twpa_printf(MSG_ERROR, DRV_PREFIX \"macsec kernel module missing\");\n\nThat's not quite true. It's unlikely, but possible, that the check\nfailed in the alloc or connect steps. Since all the failure cases\nalready output an error, I'd drop this one, or add it to the \"genl\nresolve failed\" (\"genl resolve failed -- the macsec kernel module is\nprobably missing\" or similar).\n\n\nBTW, your patch led me to check if we could make the macsec module\nautoload, and I just submitted this patch to the kernel:\nhttps://patchwork.ozlabs.org/patch/804437/\n\n\n> +\t\treturn NULL;\n> +\t}\n> +\n> \tdrv = os_zalloc(sizeof(*drv));\n> \tif (!drv)\n> \t\treturn NULL;\n> -- \n> 2.1.4\n\n\nThanks.","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org; spf=none (mailfrom)\n\tsmtp.mailfrom=lists.infradead.org (client-ip=65.50.211.133;\n\thelo=bombadil.infradead.org;\n\tenvelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n\treceiver=)","ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=lists.infradead.org\n\theader.i=@lists.infradead.org header.b=\"jER77PHc\"; \n\tdkim-atps=neutral","ext-mx04.extmail.prod.ext.phx2.redhat.com;\n\tdmarc=none (p=none dis=none)\n\theader.from=queasysnail.net","ext-mx04.extmail.prod.ext.phx2.redhat.com;\n\tspf=none smtp.mailfrom=sd@queasysnail.net"],"Received":["from bombadil.infradead.org (bombadil.infradead.org\n\t[65.50.211.133])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xcCM307cjz9s1h\n\tfor ;\n\tWed, 23 Aug 2017 00:17:51 +1000 (AEST)","from localhost ([127.0.0.1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux))\n\tid 1dk9zd-0002bf-FH; Tue, 22 Aug 2017 14:17:21 +0000","from mx1.redhat.com ([209.132.183.28])\n\tby bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux))\n\tid 1dk9z9-0002Gy-72\n\tfor hostap@lists.infradead.org; Tue, 22 Aug 2017 14:16:58 +0000","from smtp.corp.redhat.com\n\t(int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby mx1.redhat.com (Postfix) with ESMTPS id 5643280472;\n\tTue, 22 Aug 2017 14:16:30 +0000 (UTC)","from bistromath.localdomain (ovpn-116-179.ams2.redhat.com\n\t[10.36.116.179])\n\tby smtp.corp.redhat.com (Postfix) with ESMTPS id 4E7BA7F796;\n\tTue, 22 Aug 2017 14:16:28 +0000 (UTC)"],"DKIM-Signature":"v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20170209; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post:\n\tList-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:\n\tMessage-ID:Subject:To:From:Date:Reply-To:Content-ID:Content-Description:\n\tResent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:\n\tList-Owner; bh=AdMnuURH+y1O4AovUW2ykOtiFQ7WzjDSzrkXJz2CrDg=;\n\tb=jER77PHcJn8Ppx\n\tAo0IlT2dCl0U+0+tKoarle79OJ94yLiNCnRAM2WF0nVDQqVUJnxCQc1Em/vKnj1dN3MsBKjvrrCVe\n\tUv1mzefwN02J4SmK400PYXH4UrE+IgLqMplfamf9k83Y4TGg4002XseIczTNzGhVOTqZorA17b8kZ\n\tSwVwpys2fl9lhM5XkF1jnxk5abv/2xzIJx2rJt2pv4R0Sle692K6rs83cGACPPpk86erIiXTuUW0G\n\t2Jl7Ccprj6kPiCGe701NtWLryVrbldeIcB9aogdqyuapBjsoqxdkkoSltVwpaLcO6whiPPOXwrwlI\n\t1sxEAqHP8iOgE2CfdS6A==;","DMARC-Filter":"OpenDMARC Filter v1.3.2 mx1.redhat.com 5643280472","DKIM-Filter":"OpenDKIM Filter v2.11.0 mx1.redhat.com 5643280472","Date":"Tue, 22 Aug 2017 16:16:27 +0200","From":"Sabrina Dubroca ","To":"Michael Braun ","Subject":"Re: [PATCH 1/1] macsec_linux: exit early when missing macsec kernel\n\tmodule","Message-ID":"<20170822141627.GB11932@bistromath.localdomain>","References":"<1503078260-22306-1-git-send-email-michael-dev@fami-braun.de>","MIME-Version":"1.0","Content-Disposition":"inline","In-Reply-To":"<1503078260-22306-1-git-send-email-michael-dev@fami-braun.de>","User-Agent":"Mutt/1.8.3 (2017-05-23)","X-Scanned-By":"MIMEDefang 2.79 on 10.5.11.11","X-Greylist":"Sender IP whitelisted, not delayed by milter-greylist-4.5.16\n\t(mx1.redhat.com [10.5.110.28]); Tue, 22 Aug 2017 14:16:30 +0000 (UTC)","X-CRM114-Version":"20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ","X-CRM114-CacheID":"sfid-20170822_071651_443690_6D4BEC59 ","X-CRM114-Status":"GOOD ( 18.11 )","X-Spam-Score":"-6.9 (------)","X-Spam-Report":"SpamAssassin version 3.4.1 on bombadil.infradead.org summary:\n\tContent analysis details: (-6.9 points)\n\tpts rule name description\n\t---- ----------------------\n\t--------------------------------------------------\n\t-5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at http://www.dnswl.org/,\n\thigh trust [209.132.183.28 listed in list.dnswl.org]\n\t-0.0 SPF_HELO_PASS SPF: HELO matches SPF record\n\t-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%\n\t[score: 0.0000]","X-BeenThere":"hostap@lists.infradead.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","Cc":"projekt-wlan@fem.tu-ilmenau.de, hostap@lists.infradead.org","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Sender":"\"Hostap\" ","Errors-To":"hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"}},{"id":1754035,"web_url":"http://patchwork.ozlabs.org/comment/1754035/","msgid":"<4564343ec97793c3332d5dfefff1de49@fami-braun.de>","list_archive_url":null,"date":"2017-08-22T14:54:31","subject":"Re: [PATCH 1/1] macsec_linux: exit early when missing macsec kernel\n\tmodule","submitter":{"id":3892,"url":"http://patchwork.ozlabs.org/api/people/3892/","name":"michael-dev","email":"michael-dev@fami-braun.de"},"content":"Am 22.08.2017 16:16, schrieb Sabrina Dubroca:\n>> +\tint macsec_genl_id = genl_ctrl_resolve(sk, \"macsec\");\n> \n> I'm not sure what version of the C standard hostap follows, but I\n> don't remember seeing mixed declarations and code.\n\nyou're right.\n\n>> +\tif (macsec_check_macsec() < 0) {\n>> +\t\twpa_printf(MSG_ERROR, DRV_PREFIX \"macsec kernel module missing\");\n> \n> That's not quite true. It's unlikely, but possible, that the check\n> failed in the alloc or connect steps. Since all the failure cases\n> already output an error, I'd drop this one, or add it to the \"genl\n> resolve failed\" (\"genl resolve failed -- the macsec kernel module is\n> probably missing\" or similar).\n\nI'll change it while I'm at it.\n\n> BTW, your patch led me to check if we could make the macsec module\n> autoload, and I just submitted this patch to the kernel:\n> https://patchwork.ozlabs.org/patch/804437/\n\nNice.\n\nThanks,\nM. Braun","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org; spf=none (mailfrom)\n\tsmtp.mailfrom=lists.infradead.org (client-ip=65.50.211.133;\n\thelo=bombadil.infradead.org;\n\tenvelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n\treceiver=)","ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=lists.infradead.org\n\theader.i=@lists.infradead.org header.b=\"eDD1VRE/\"; \n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=fami-braun.de header.i=@fami-braun.de\n\theader.b=\"Sai75rvd\"; dkim-atps=neutral"],"Received":["from bombadil.infradead.org (bombadil.infradead.org\n\t[65.50.211.133])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xcDBp6fRvz9s8P\n\tfor ;\n\tWed, 23 Aug 2017 00:55:46 +1000 (AEST)","from localhost ([127.0.0.1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux))\n\tid 1dkAaR-0001MD-PM; Tue, 22 Aug 2017 14:55:23 +0000","from mo6-p00-ob.smtp.rzone.de ([2a01:238:20a:202:5300::2])\n\tby bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux))\n\tid 1dkAa3-0000zq-2P\n\tfor hostap@lists.infradead.org; Tue, 22 Aug 2017 14:55:01 +0000","from dynamic.fami-braun.de (p4FD34E38.dip0.t-ipconnect.de\n\t[79.211.78.56]) by smtp.strato.de (RZmta 41.3 DYNA|AUTH)\n\twith ESMTPSA id g02b4at7MEsYDzr\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve\n\tsecp521r1 with 521 ECDH bits, eq. 15360 bits RSA))\n\t(Client did not present a certificate);\n\tTue, 22 Aug 2017 16:54:34 +0200 (CEST)","from dynamic.fami-braun.de (localhost [127.0.0.1])\n\tby dynamic.fami-braun.de (fami-braun.de) with ESMTP id 0DEE11541DF;\n\tTue, 22 Aug 2017 16:54:34 +0200 (CEST)","from +CUF8u6hhGh/fAqYWIOwnnGUiEs1esvcC2JbbCbbfMoqFEyGGvVY8Q==\n\t(frl9YqXDYDTUmSKePLJoFUIY7tOqGRG4) by webmail.fami-braun.de\n\twith HTTP (HTTP/1.1 POST); Tue, 22 Aug 2017 16:54:31 +0200"],"DKIM-Signature":["v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20170209; h=Sender:Content-Type:\n\tContent-Transfer-Encoding:Cc:List-Subscribe:List-Help:List-Post:List-Archive:\n\tList-Unsubscribe:List-Id:Message-ID:References:In-Reply-To:Subject:To:From:\n\tDate:MIME-Version:Reply-To:Content-ID:Content-Description:Resent-Date:\n\tResent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;\n\tbh=wXoAKt4ZdwEcMqK7ZPcaGSjILd//KKQjcXIEP851kDs=;\n\tb=eDD1VRE/KXe76LeCAMuGQI0N7\n\twyiqmHRcqVo8HX4Zqw6jZ4iHYsIB0JXPjNJmqAdwIRB45BJ4S4GjO5e5s9YCPdxYFUnWLkiWPGzeH\n\tvO2HkJMKdV1xsqoxF4qTLsk+BzjxcWhqsLpSYPhPFHHbfnFY0F9CSmpZvrLBL0raImkJ82aK81Gj5\n\tMd6R+JpgpBLaWLOUbjApo6xBdwz+X5eU6/YpRXNee1r7TuHBBwA/slJEXX+DHZAfxoe9KLc7a9+2V\n\tevr/54mOL1fAEC61JL7xGuN4BXxgrJI3dD/BsR7ELZpAhn4cnY7FszLyLvJnu4tysTg55d3u8UkmW\n\t92V/osjgg==;","v=1; a=rsa-sha256; c=relaxed/relaxed; t=1503413675;\n\tl=924; s=domk; d=fami-braun.de;\n\th=References:In-Reply-To:Subject:Cc:To:From:Date:\n\tContent-Transfer-Encoding:Content-Type:MIME-Version;\n\tbh=2ZpZJmxYNvz9mWHN0lo8ps/AwEdO355XO1BY7ZOVlKk=;\n\tb=Sai75rvdm7v2Yk/kbkUUbKi7zKpNYWe6ejpt5WA1rrBcIJosrLHWlKguBFnicB06Tv\n\tEU80V46oVovX/UDmVEDbVY/+7j66dBphcRQUQPwTUnp6NPVldRlPOK8le9NCHrgazNxK\n\tAcS8J7uI1OfhJJ3fPjqoyzx+ns7wNjzrUUejw="],"X-RZG-AUTH":":P20JeEWkefDI1ODZs1HHtgV3eF0OpFsRaGIBBWYxhJvJPtnXtogBWnvAo0oTzCWgZs1oU98=","X-RZG-CLASS-ID":"mo00","MIME-Version":"1.0","Date":"Tue, 22 Aug 2017 16:54:31 +0200","From":"michael-dev ","To":"Sabrina Dubroca ","Subject":"Re: [PATCH 1/1] macsec_linux: exit early when missing macsec kernel\n\tmodule","In-Reply-To":"<20170822141627.GB11932@bistromath.localdomain>","References":"<1503078260-22306-1-git-send-email-michael-dev@fami-braun.de>\n\t<20170822141627.GB11932@bistromath.localdomain>","Message-ID":"<4564343ec97793c3332d5dfefff1de49@fami-braun.de>","X-Sender":"michael-dev@fami-braun.de","User-Agent":"Roundcube Webmail/1.3.0 ","X-Virus-Scanned":"clamav-milter 0.99.2 at gate","X-Virus-Status":"Clean","X-Spam-Status":"No, score=-1.9 required=5.0 tests=BAYES_00, UNPARSEABLE_RELAY\n\tautolearn=ham autolearn_force=no version=3.4.0","X-Spam-Checker-Version":"SpamAssassin 3.4.0 (2014-02-07) on gate.zuhause.all","X-CRM114-Version":"20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ","X-CRM114-CacheID":"sfid-20170822_075459_489437_AE79D06B ","X-CRM114-Status":"GOOD ( 10.10 )","X-Spam-Score":"-2.7 (--)","X-Spam-Report":"SpamAssassin version 3.4.1 on bombadil.infradead.org summary:\n\tContent analysis details: (-2.7 points)\n\tpts rule name description\n\t---- ----------------------\n\t--------------------------------------------------\n\t-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,\n\tlow\n\ttrust [2a01:238:20a:202:5300:0:0:2 listed in] [list.dnswl.org]\n\t-0.0 SPF_HELO_PASS SPF: HELO matches SPF record\n\t-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%\n\t[score: 0.0000]\n\t-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature\n\t0.1 DKIM_SIGNED Message has a DKIM or DK signature,\n\tnot necessarily valid\n\t-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from\n\tauthor's domain\n\t0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay\n\tlines","X-BeenThere":"hostap@lists.infradead.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","Cc":"projekt-wlan@fem.tu-ilmenau.de, hostap@lists.infradead.org","Content-Transfer-Encoding":"7bit","Content-Type":"text/plain; charset=\"us-ascii\"; Format=\"flowed\"","Sender":"\"Hostap\" ","Errors-To":"hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org"}}]