| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAeCc_=SDXKA6DyS=kBr0TZMxixfnXzK-V9ZW7OUGK3swJKdDA@mail.gmail.com>
Date: Fri, 15 Nov 2024 15:46:35 +0530
From: Bharat Bhushan <bharatb.linux@...il.com>
To: Paolo Abeni <pabeni@...hat.com>
Cc: Bharat Bhushan <bbhushan2@...vell.com>, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, sgoutham@...vell.com, gakula@...vell.com,
sbhatta@...vell.com, hkelam@...vell.com, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, jerinj@...vell.com,
lcherian@...vell.com, ndabilpuram@...vell.com, sd@...asysnail.net
Subject: Re: [net-next PATCH v9 6/8] cn10k-ipsec: Process outbound ipsec
crypto offload
On Tue, Nov 12, 2024 at 6:20 PM Paolo Abeni <pabeni@...hat.com> wrote:
>
> > @@ -32,6 +33,16 @@ static bool otx2_xdp_rcv_pkt_handler(struct otx2_nic *pfvf,
> > struct otx2_cq_queue *cq,
> > bool *need_xdp_flush);
> >
> > +static void otx2_sq_set_sqe_base(struct otx2_snd_queue *sq,
> > + struct sk_buff *skb)
> > +{
> > + if (unlikely(xfrm_offload(skb)))
> > + sq->sqe_base = sq->sqe_ring->base + sq->sqe_size +
> > + (sq->head * (sq->sqe_size * 2));
>
> Not blocking, but I don't think the unlikely() is appropriate here and
> below. Some workloads will definitely see more ipsec encrypted packets
> than unencrypted ones.
Idea is to give priority to plane packets, so added unlikely.
>
> Perhaps you could protect such checks with a static_branch enabled when
> at least a SA is configured.
This is a good idea, will add static_branch when at least a SA is configured.
Thanks
-Bharat
>
> /P
>
>
Powered by blists - more mailing lists