| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 15 May 2016 16:42:21 -0700
From: Tom Herbert <tom@...bertland.com>
To: <davem@...emloft.net>, <netdev@...r.kernel.org>
CC: <kernel-team@...com>
Subject: [PATCH v5 net-next 00/14] ipv6: Enable GUEoIPv6 and more fixes for v6 tunneling
This patch set:
- Fixes GRE6 to process translate flags correctly from configuration
- Adds support for GSO and GRO for ip6ip6 and ip4ip6
- Add support for FOU and GUE in IPv6
- Support GRE, ip6ip6 and ip4ip6 over FOU/GUE
- Fixes ip6_input to deal with UDP encapsulations
- Some other minor fixes
v2:
- Removed a check of GSO types in MPLS
- Define GSO type SKB_GSO_IPXIP6 and SKB_GSO_IPXIP4 (based on input
from Alexander)
- Don't define GSO types specifically for IP6IP6 and IP4IP6, above
fix makes that unnecessary
- Don't bother clearing encapsulation flag in UDP tunnel segment
(another item suggested by Alexander).
v3:
- Address some minor comments from Alexander
v4:
- Rebase on changes to fix IP TX tunnels
- Fix MTU issues in ip4ip6, ip6ip6
- Add test data for above
v5:
- Address feedback from Shmulik Ladkani regarding extension header
code that does not return next header but in instead relies
on returning value via nhoff. Solution here is to fix EH
processing to return nexthdr value.
- Refactored IPv4 encaps so that we won't need to create
a ip6_tunnel_core.c when adding encap support IPv6.
Tested:
Tested a variety of case, but not the full matrix (which is quite
large now). Most of the obvious cases (e.g. GRE) work fine. Still
some issues probably with GSO/GRO being effective in all cases.
- IPv4/GRE/GUE/IPv6 with RCO
1 TCP_STREAM
6616 Mbps
200 TCP_RR
1244043 tps
141/243/446 90/95/99% latencies
86.61% CPU utilization
- IPv6/GRE/GUE/IPv6 with RCO
1 TCP_STREAM
6940 Mbps
200 TCP_RR
1270903 tps
138/236/440 90/95/99% latencies
87.51% CPU utilization
- IP6IP6
1 TCP_STREAM
2576 Mbps
200 TCP_RR
498981 tps
388/498/631 90/95/99% latencies
19.75% CPU utilization (1 CPU saturated)
- IP6IP6/GUE with RCO
1 TCP_STREAM
2031 Mbps
200 TCP_RR
1233818 tps
143/244/451 90/95/99% latencies
87.57 CPU utilization
- IP4IP6
1 TCP_STREAM
2371 Mbps
200 TCP_RR
763774 tps
250/318/466 90/95/99% latencies
35.25% CPU utilization (1 CPU saturated)
- IP4IP6/GUE with RCO
1 TCP_STREAM
2054 Mbps
200 TCP_RR
1196385 tps
148/251/460 90/95/99% latencies
87.56 CPU utilization
- GRE with keyid
200 TCP_RR
744173 tps
258/332/461 90/95/99% latencies
34.59% CPU utilization (1 CPU saturated)
Tom Herbert (14):
gso: Remove arbitrary checks for unsupported GSO
net: define gso types for IPx over IPv4 and IPv6
ipv6: Fix nexthdr for reinjection
ipv6: Change "final" protocol processing for encapsulation
net: Cleanup encap items in ip_tunnels.h
fou: Call setup_udp_tunnel_sock
fou: Split out {fou,gue}_build_header
fou: Support IPv6 in fou
ip6_tun: Add infrastructure for doing encapsulation
fou: Add encap ops for IPv6 tunnels
ip6_gre: Add support for fou/gue encapsulation
ip6_tunnel: Add support for fou/gue encapsulation
ip6ip6: Support for GSO/GRO
ip4ip6: Support for GSO/GRO
drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 5 +-
drivers/net/ethernet/broadcom/bnxt/bnxt.c | 4 +-
drivers/net/ethernet/intel/i40e/i40e_main.c | 3 +-
drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 +-
drivers/net/ethernet/intel/i40evf/i40e_txrx.c | 3 +-
drivers/net/ethernet/intel/i40evf/i40evf_main.c | 3 +-
drivers/net/ethernet/intel/igb/igb_main.c | 3 +-
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 +-
drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 3 +-
include/linux/netdev_features.h | 12 +-
include/linux/netdevice.h | 4 +-
include/linux/skbuff.h | 4 +-
include/net/fou.h | 10 +-
include/net/inet_common.h | 5 +
include/net/ip6_tunnel.h | 58 ++++++++
include/net/ip_tunnels.h | 76 +++++++---
net/core/ethtool.c | 4 +-
net/ipv4/af_inet.c | 32 ++---
net/ipv4/fou.c | 144 +++++++++++--------
net/ipv4/gre_offload.c | 14 --
net/ipv4/ip_tunnel.c | 45 ------
net/ipv4/ip_tunnel_core.c | 9 ++
net/ipv4/ipip.c | 2 +-
net/ipv4/tcp_offload.c | 19 ---
net/ipv4/udp_offload.c | 10 --
net/ipv6/Makefile | 1 +
net/ipv6/fou6.c | 140 ++++++++++++++++++
net/ipv6/ip6_gre.c | 77 +++++++++-
net/ipv6/ip6_input.c | 33 ++++-
net/ipv6/ip6_offload.c | 77 +++++++---
net/ipv6/ip6_tunnel.c | 167 ++++++++++++++++++++--
net/ipv6/sit.c | 4 +-
net/ipv6/udp_offload.c | 13 --
net/mpls/mpls_gso.c | 9 --
net/netfilter/ipvs/ip_vs_xmit.c | 17 +--
35 files changed, 718 insertions(+), 298 deletions(-)
create mode 100644 net/ipv6/fou6.c
--
2.8.0.rc2
Powered by blists - more mailing lists