| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Feb 2017 10:57:55 +0100
From: Steffen Klassert <steffen.klassert@...unet.com>
To: <netdev@...r.kernel.org>
CC: Steffen Klassert <steffen.klassert@...unet.com>,
David Miller <davem@...emloft.net>,
Eric Dumazet <eric.dumazet@...il.com>,
Ilan Tayari <ilant@...lanox.com>,
Sowmini Varadhan <sowmini.varadhan@...cle.com>
Subject: [PATCH RFC v2 ipsec-next 0/6] IPsec GRO layer decapsulation
This patchset adds a software GRO codepath for IPsec ESP.
The ESP gro_receive callback functions decapsulate the
ESP packets at the GRO layer and reinject them back with
gro_cells_receive(). This saves a complete round through
the stack for IPsec ESP packets.
We also need this for ESP HW offload, because HW decrypt but
does not decapsulate the packet. We need to decapsulate before
the inbound policy check, otherwise this check will fail.
Patches 2 an 3 prepare the generic code for packet consuming
gro callbacks.
Changes from v1:
- Add the 'xfrm: Extend the sec_path for IPsec offloading'
patch and use the secpath to encode GRO calls.
- Coding style fixes.
Powered by blists - more mailing lists