| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e03fbb80-2f44-465b-9152-d85302b9454a@redhat.com>
Date: Tue, 12 Nov 2024 13:48:57 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Bharat Bhushan <bbhushan2@...vell.com>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, sgoutham@...vell.com, gakula@...vell.com,
sbhatta@...vell.com, hkelam@...vell.com, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, jerinj@...vell.com,
lcherian@...vell.com, ndabilpuram@...vell.com, sd@...asysnail.net
Subject: Re: [net-next PATCH v9 6/8] cn10k-ipsec: Process outbound ipsec
crypto offload
> @@ -32,6 +33,16 @@ static bool otx2_xdp_rcv_pkt_handler(struct otx2_nic *pfvf,
> struct otx2_cq_queue *cq,
> bool *need_xdp_flush);
>
> +static void otx2_sq_set_sqe_base(struct otx2_snd_queue *sq,
> + struct sk_buff *skb)
> +{
> + if (unlikely(xfrm_offload(skb)))
> + sq->sqe_base = sq->sqe_ring->base + sq->sqe_size +
> + (sq->head * (sq->sqe_size * 2));
Not blocking, but I don't think the unlikely() is appropriate here and
below. Some workloads will definitely see more ipsec encrypted packets
than unencrypted ones.
Perhaps you could protect such checks with a static_branch enabled when
at least a SA is configured.
/P
Powered by blists - more mailing lists