In Innova TLS, TLS contexts are added or deleted
via a command message over the SBU connection.
The HW then sends a response message over the same connection.
Complete the implementation for Innova TLS (FPGA-based) hardware by
adding support for rx inline crypto offload.
Signed-off-by: Boris
This patch completes the generic infrastructure to offload TLS crypto to a
network device. It enables the kernel to skip decryption and
authentication of some skbs marked as decrypted by the NIC. In the fast
path, all packets received are decrypted by the NIC and the performance
is comparable to
Hi,
The following series provides TLS RX inline crypto offload.
v5->v4:
- Remove the Kconfig to mutually exclude both IPsec and TLS
v4->v3:
- Remove the iov revert for zero copy send flow
v2->v3:
- Fix typo
- Adjust cover letter
- Fix bug in zero copy flows
- Use
Add new netdev tls op for resynchronizing HW tls context
Signed-off-by: Boris Pismenny
---
include/linux/netdevice.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index b683971..0434df3 100644
--- a/include/linux/netdevice.h
+++
For symmetry, we rename tls_offload_context to
tls_offload_context_tx before we add tls_offload_context_rx.
Signed-off-by: Boris Pismenny
---
.../net/ethernet/mellanox/mlx5/core/en_accel/tls.h | 6 +++---
include/net/tls.h | 16 +++---
This patch splits tls_sw_release_resources_rx into two functions one
which releases all inner software tls structures and another that also
frees the containing structure.
In TLS_DEVICE we will need to release the software structures without
freeeing the containing structure, which contains other
Implement the TLS rx offload data path according to the
requirements of the TLS generic NIC offload infrastructure.
Special metadata ethertype is used to pass information to
the hardware.
When hardware loses synchronization a special resync request
metadata message is used to request resync.
From: Ilya Lesokhin
This patch adds a netdev feature to configure TLS RX inline crypto offload.
Signed-off-by: Ilya Lesokhin
Signed-off-by: Boris Pismenny
---
include/linux/netdev_features.h | 2 ++
net/core/ethtool.c | 1 +
2 files changed, 3 insertions(+)
diff --git
This patch allows tls_set_sw_offload to fill the context in case it was
already allocated previously.
We will use it in TLS_DEVICE to fill the RX software context.
Signed-off-by: Boris Pismenny
---
net/tls/tls_sw.c | 34 ++
1 file changed, 22 insertions(+), 12
For symmetry, we rename mlx5e_tls_offload_context to
mlx5e_tls_offload_context_tx before we add mlx5e_tls_offload_context_rx.
Signed-off-by: Boris Pismenny
Reviewed-by: Aviad Yehezkel
Reviewed-by: Tariq Toukan
---
drivers/net/ethernet/mellanox/mlx5/core/en_accel/tls.c | 2 +-
zerocopy_from_iter iterates over the message, but it doesn't revert the
updates made by the iov iteration. This patch fixes it. Now, the iov can
be used after calling zerocopy_from_iter.
Fixes: 3c4d75591 ("tls: kernel TLS support")
Signed-off-by: Boris Pismenny
---
net/tls/tls_sw.c | 8 +---
Prevent coalescing of decrypted and encrypted SKBs in GRO
and TCP layer.
Signed-off-by: Boris Pismenny
Signed-off-by: Ilya Lesokhin
---
net/ipv4/tcp_input.c | 12
net/ipv4/tcp_offload.c | 3 +++
2 files changed, 15 insertions(+)
diff --git a/net/ipv4/tcp_input.c
On Thu, 12 Jul 2018 14:48:23 -0700
dsah...@kernel.org wrote:
> @@ -4388,6 +4388,13 @@ static int ip6_route_multipath_add(struct fib6_config
> *cfg,
> rt = NULL;
> goto cleanup;
> }
> + if (!rt6_qualify_for_ecmp(rt)) {
> +
Commit 8b7008620b84 ("net: Don't copy pfmemalloc flag in
__copy_skb_header()") introduced a different handling for the
pfmemalloc flag in copy and clone paths.
In __skb_clone(), now, the flag is set only if it was set in the
original skb, but not cleared if it wasn't. This is wrong and
might lead
Hi,
2018-07-13 20:02 GMT+09:00 Ka-Cheong Poon :
> There are many data structures (RDS socket options) used by RDS apps
> which use a 32 bit integer to store IP address. To support IPv6,
> struct in6_addr needs to be used. To ensure backward compatibility, a
> new data structure is introduced for
On Tue, Jul 10, 2018 at 08:02:10PM +0300, Vlad Buslov wrote:
>
> On Tue 10 Jul 2018 at 13:55, Simon Horman wrote:
> > On Mon, Jul 09, 2018 at 01:29:11PM +0300, Vlad Buslov wrote:
> >> Extend struct tcf_walker with additional 'cookie' field. It is intended to
> >> be used by classifier walk
On Thu, 12 Jul 2018 23:10:28 +0300 Or Gerlitz wrote:
> On Wed, Jul 11, 2018 at 11:06 PM, Jesper Dangaard Brouer
> wrote:
>
> > Well, I would prefer you to implement those. I just did a quick
> > implementation (its trivially easy) so I have something to benchmark
> > with. The performance
There are many data structures (RDS socket options) used by RDS apps
which use a 32 bit integer to store IP address. To support IPv6,
struct in6_addr needs to be used. To ensure backward compatibility, a
new data structure is introduced for each of those data structures
which use a 32 bit integer
This patch changes the internal representation of an IP address to use
struct in6_addr. IPv4 address is stored as an IPv4 mapped address.
All the functions which take an IP address as argument are also
changed to use struct in6_addr. But RDS socket layer is not modified
such that it still does
This patch enables RDS to use IPv6 addresses. For RDS/TCP, the
listener is now an IPv6 endpoint which accepts both IPv4 and IPv6
connection requests. RDS/RDMA/IB uses a private data (struct
rds_ib_connect_private) exchange between endpoints at RDS connection
establishment time to support RDMA.
This patch set adds IPv6 support to the kernel RDS and related
modules. Existing RDS apps using IPv4 address continue to run without
any problem. New RDS apps which want to use IPv6 address can do so by
passing the address in struct sockaddr_in6 to bind(), connect() or
sendmsg(). And those apps
> This is used to differentiate when auto adjust is used and when user has set
> the MTU.
> As I already said everything is working as expected and you should not
> remove this code.
>
I see, thank you, and sorry for the noise.
-R
The plusb module appears to be not maintained.
I would like to submit a patch for the PL2501 device;
> lsusb | grep PL2501
Bus 001 Device 053: ID 067b:2501 Prolific Technology, Inc. PL2501
USB-USB Bridge (USB 2.0)
There have been patches previously submitted for this device but they
have
This patch changes the TC_ACT_REDIRECT code path to allow
providing the redirect parameters via the tcf_result argument.
Such union is expanded to host the redirect device, the redirect
direction (ingress/egress) and the stats to be updated on error
conditions.
Actions/classifiers using
Only cls_bpf and act_bpf can safely use such value. If a generic
action is configured by user space to return TC_ACT_REDIRECT,
the usually visible behavior is passing the skb up the stack - as
for unknown action, but, with complex configuration, more random
results can be obtained.
This patch
When mirred is invoked from the ingress path, and it wants to redirect
the processed packet, it can now use the ACT_REDIRECT action,
filling the tcf_result accordingly.
This avoids a skb_clone() in the TC S/W data path giving a ~10%
improvement in forwarding performances. Overall TC S/W
Each lockless action currently does its own RCU locking in ->act().
This is allows using plain RCU accessor, even if the context
is really RCU BH.
This change drops the per action RCU lock, replace the accessors
with _bh variant, cleans up a bit the surronding code and documents
the RCU status in
This series is aimed at improving the act_mirred redirect performances.
Such action is used by OVS to represent TC S/W flows, and it's current largest
bottle-neck is the need for a skb_clone() for each packet.
The first 2 patches introduce some cleanup and safeguards to allow changing the
On 13/07/18 12:11, Li,Rongqing wrote:
>
>
>> -邮件原件-
>> 发件人: Nikolay Aleksandrov [mailto:niko...@cumulusnetworks.com]
>> 发送时间: 2018年7月13日 16:01
>> 收件人: Li,Rongqing ; netdev@vger.kernel.org
>> 主题: Re: [PATCH][net-next] bridge: clean up mtu_set_by_user setting to
>> false and comments
>>
>>
This patch adds support for IGMPMSG_WRVIFWHOLE which is used to pass
full packet and real vif id when the incoming interface is wrong.
While the RP and FHR are setting up state we need to be sending the
registers encapsulated with all the data inside otherwise we lose it.
The RP then decapsulates
> -邮件原件-
> 发件人: Nikolay Aleksandrov [mailto:niko...@cumulusnetworks.com]
> 发送时间: 2018年7月13日 16:01
> 收件人: Li,Rongqing ; netdev@vger.kernel.org
> 主题: Re: [PATCH][net-next] bridge: clean up mtu_set_by_user setting to
> false and comments
>
> On 13/07/18 09:47, Li RongQing wrote:
> > Once
Hy Tobin,
> Add '::' before code snippets and indent all snippets uniformly starting
> with 2 spaces.
Just FYI about reST Markup (no need to fix anything in your patch).
You can also add '::' (the markup for literal blocks) at the last line of the
previous paragraph, e.g:
---
Booting a VM
On 13/07/18 09:47, Li RongQing wrote:
> Once mtu_set_by_user is set to true, br_mtu_auto_adjust will
> not run, and no chance to clear mtu_set_by_user.
>
^^
This was by design, there is no error here and no "cleanup" is needed.
If you read the ndo_change_mtu() call you'll see the comment:
/* this
gro_hash size is 192 bytes, and uses 3 cache lines, if there is few
flows, gro_hash may be not fully used, so it is unnecessary to iterate
all gro_hash in napi_gro_flush(), to occupy unnecessary cacheline.
convert gro_count to a bitmask, and rename it as gro_bitmask, each bit
represents a element
Once mtu_set_by_user is set to true, br_mtu_auto_adjust will
not run, and no chance to clear mtu_set_by_user.
and br_mtu_auto_adjust will run only if mtu_set_by_user is
false, so not need to set it to false again
Cc: Nikolay Aleksandrov
Signed-off-by: Li RongQing
---
net/bridge/br_device.c |
On Wed, Jul 11, 2018 at 12:33 PM Marcelo Ricardo Leitner
wrote:
>
> On Tue, Jul 10, 2018 at 07:25:53PM -0700, Cong Wang wrote:
> > On Mon, Jul 9, 2018 at 2:40 PM Marcelo Ricardo Leitner
> > wrote:
> > >
> > > On Mon, Jul 09, 2018 at 05:03:31PM -0400, Michel Machado wrote:
> > > >Changing
101 - 136 of 136 matches
Mail list logo