lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Feb 2017 10:57:55 +0100 From: Steffen Klassert <steffen.klassert@...unet.com> To: <netdev@...r.kernel.org> CC: Steffen Klassert <steffen.klassert@...unet.com>, David Miller <davem@...emloft.net>, Eric Dumazet <eric.dumazet@...il.com>, Ilan Tayari <ilant@...lanox.com>, Sowmini Varadhan <sowmini.varadhan@...cle.com> Subject: [PATCH RFC v2 ipsec-next 0/6] IPsec GRO layer decapsulation This patchset adds a software GRO codepath for IPsec ESP. The ESP gro_receive callback functions decapsulate the ESP packets at the GRO layer and reinject them back with gro_cells_receive(). This saves a complete round through the stack for IPsec ESP packets. We also need this for ESP HW offload, because HW decrypt but does not decapsulate the packet. We need to decapsulate before the inbound policy check, otherwise this check will fail. Patches 2 an 3 prepare the generic code for packet consuming gro callbacks. Changes from v1: - Add the 'xfrm: Extend the sec_path for IPsec offloading' patch and use the secpath to encode GRO calls. - Coding style fixes.
Powered by blists - more mailing lists