macsec: add support for IFLA_MACSEC_OFFLOAD in macsec_changelink

	return false;

}

static int macsec_update_offload(struct net_device *dev, enum macsec_offload offload)

{

	enum macsec_offload prev_offload;

	const struct macsec_ops *ops;

	struct macsec_context ctx;

	struct macsec_dev *macsec;

	int ret = 0;

	macsec = macsec_priv(dev);

	/* Check if the offloading mode is supported by the underlying layers */

	if (offload != MACSEC_OFFLOAD_OFF &&

	    !macsec_check_offload(offload, macsec))

		return -EOPNOTSUPP;

	/* Check if the net device is busy. */

	if (netif_running(dev))

		return -EBUSY;

	/* Check if the device already has rules configured: we do not support

	 * rules migration.

	 */

	if (macsec_is_configured(macsec))

		return -EBUSY;

	prev_offload = macsec->offload;

	ops = __macsec_get_ops(offload == MACSEC_OFFLOAD_OFF ? prev_offload : offload,

			       macsec, &ctx);

	if (!ops)

		return -EOPNOTSUPP;

	macsec->offload = offload;

	ctx.secy = &macsec->secy;

	ret = offload == MACSEC_OFFLOAD_OFF ? macsec_offload(ops->mdo_del_secy, &ctx)

					    : macsec_offload(ops->mdo_add_secy, &ctx);

	if (ret)

		macsec->offload = prev_offload;

	return ret;

}

static int macsec_upd_offload(struct sk_buff *skb, struct genl_info *info)

{

	struct nlattr *tb_offload[MACSEC_OFFLOAD_ATTR_MAX + 1];

	enum macsec_offload offload, prev_offload;

	int (*func)(struct macsec_context *ctx);

	struct nlattr **attrs = info->attrs;

	struct net_device *dev;

	const struct macsec_ops *ops;

	struct macsec_context ctx;

	enum macsec_offload offload;

	struct macsec_dev *macsec;

	struct net_device *dev;

	int ret = 0;

	if (!attrs[MACSEC_ATTR_IFINDEX])

	}

	offload = nla_get_u8(tb_offload[MACSEC_OFFLOAD_ATTR_TYPE]);

	if (macsec->offload == offload)

		goto out;

	/* Check if the offloading mode is supported by the underlying layers */

	if (offload != MACSEC_OFFLOAD_OFF &&

	    !macsec_check_offload(offload, macsec)) {

		ret = -EOPNOTSUPP;

		goto out;

	}

	/* Check if the net device is busy. */

	if (netif_running(dev)) {

		ret = -EBUSY;

		goto out;

	}

	prev_offload = macsec->offload;

	macsec->offload = offload;

	/* Check if the device already has rules configured: we do not support

	 * rules migration.

	 */

	if (macsec_is_configured(macsec)) {

		ret = -EBUSY;

		goto rollback;

	}

	ops = __macsec_get_ops(offload == MACSEC_OFFLOAD_OFF ? prev_offload : offload,

			       macsec, &ctx);

	if (!ops) {

		ret = -EOPNOTSUPP;

		goto rollback;

	}

	if (prev_offload == MACSEC_OFFLOAD_OFF)

		func = ops->mdo_add_secy;

	else

		func = ops->mdo_del_secy;

	ctx.secy = &macsec->secy;

	ret = macsec_offload(func, &ctx);

	if (ret)

		goto rollback;

	rtnl_unlock();

	return 0;

rollback:

	macsec->offload = prev_offload;

	if (macsec->offload != offload)

		ret = macsec_update_offload(dev, offload);

out:

	rtnl_unlock();

	return ret;

			     struct netlink_ext_ack *extack)

{

	struct macsec_dev *macsec = macsec_priv(dev);

	bool macsec_offload_state_change = false;

	enum macsec_offload offload;

	struct macsec_tx_sc tx_sc;

	struct macsec_secy secy;

	int ret;

	if (ret)

		goto cleanup;

	if (data[IFLA_MACSEC_OFFLOAD]) {

		offload = nla_get_u8(data[IFLA_MACSEC_OFFLOAD]);

		if (macsec->offload != offload) {

			macsec_offload_state_change = true;

			ret = macsec_update_offload(dev, offload);

			if (ret)

				goto cleanup;

		}

	}

	/* If h/w offloading is available, propagate to the device */

	if (macsec_is_offloaded(macsec)) {

	if (!macsec_offload_state_change && macsec_is_offloaded(macsec)) {

		const struct macsec_ops *ops;

		struct macsec_context ctx;