lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20171103090344.19444-1-jiri@resnulli.us>
Date:   Fri,  3 Nov 2017 10:03:28 +0100
From:   Jiri Pirko <jiri@...nulli.us>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, petrm@...lanox.com, idosch@...lanox.com,
        mlxsw@...lanox.com
Subject: [patch net-next 00/16] mlxsw: Handle changes in GRE configuration

From: Jiri Pirko <jiri@...lanox.com>

Petr says:

Until now, when an IP tunnel was offloaded by the mlxsw driver, the
offload was pretty much static, and changes in Linux configuration were
not reflected in the hardware. That led to discrepancies between traffic
flows in slow path and fast path. The work-around used to be to remove
all routes that forward to the netdevice and re-add them. This is
clearly suboptimal, but actually, as of the decap-only patchset, it's
not even enough anymore, and one needs to go all the way and simply drop
the tunnel and recreate it correctly.

With this patchset, the NETDEV_CHANGE events that are generated for
changes of up'd tunnel netdevices are captured and interpreted to
correctly reconfigure the HW in accordance with changes requested at the
software layer. In addition, NETDEV_CHANGEUPPER, NETDEV_UP and
NETDEV_DOWN are now handled not only for tunnel devices themselves, but
also for their bound devices. Each change is then translated to one or
more of the following updates to the HW configuration:

- refresh of offload of local route that corresponds to tunnel's local
  address
- refresh of the loopback RIF
- refresh of offloads of routes that forward to the changed tunnel
- removal of tunnel offloads

These tools are used to implement the following configuration changes:

- addition of a new offloadable tunnel with local address that conflicts
  with that of an already-offloaded tunnel (the existing tunnel is
  onloaded, the new one isn't offloaded)
- changes to TTL, TOS that make tunnel unsuitable for offloading
- changes to ikey, okey, remote
- changes to local, which when they cause conflict with another
  tunnel, lead to onloading of both newly-conflicting tunnels
- migration of a bound device of an offloaded tunnel device to a
  different VRF
- changes to what device is bound to a tunnel device (i.e. like what
  "ip tunnel change name g dev another" does)
- changes to up / down state of a bound device. A down bound device
  doesn't forward encapsulated traffic anymore, but decap still works.

This patchset starts with a suite of patches that adapt the existing
code base step by step to facilitate introduction of the offloading
code. The five substantial patches at the end then implement the changes
mentioned above.

Petr Machata (16):
  mlxsw: spectrum: Rename IPIP-related netdevice handlers
  mlxsw: spectrum_router: Extract mlxsw_sp_netdevice_ipip_can_offload()
  mlxsw: spectrum: Move mlxsw_sp_ipip_netdev_{s,d}addr{,4}()
  mlxsw: spectrum_ipip: Split accessor functions
  mlxsw: spectrum_router: Extract mlxsw_sp_ipip_entry_ol_down_event()
  mlxsw: spectrum_router: Make mlxsw_sp_netdevice_ipip_ol_up_event()
    void
  mlxsw: spectrum_router: Extract mlxsw_sp_ipip_entry_ol_up_event()
  mlxsw: spectrum: Propagate extack for tunnel events
  mlxsw: spectrum_router: Extract __mlxsw_sp_ipip_entry_update_tunnel()
  mlxsw: spectrum_router: Generalize
    __mlxsw_sp_ipip_entry_update_tunnel()
  mlxsw: spectrum_router: Fix saddr deduction in
    mlxsw_sp_ipip_entry_create()
  mlxsw: spectrum_router: Onload conflicting tunnels
  mlxsw: spectrum: Support IPIP underlay VRF migration
  mlxsw: spectrum: Handle NETDEV_CHANGE on L3 tunnels
  mlxsw: spectrum_ipip: Handle underlay device change
  mlxsw: spectrum_router: Handle down of tunnel underlay

 drivers/net/ethernet/mellanox/mlxsw/spectrum.c     |   8 +-
 drivers/net/ethernet/mellanox/mlxsw/spectrum.h     |  18 +-
 .../net/ethernet/mellanox/mlxsw/spectrum_ipip.c    | 183 ++++++-
 .../net/ethernet/mellanox/mlxsw/spectrum_ipip.h    |  12 +
 .../net/ethernet/mellanox/mlxsw/spectrum_router.c  | 539 +++++++++++++++------
 .../net/ethernet/mellanox/mlxsw/spectrum_router.h  |  29 +-
 6 files changed, 614 insertions(+), 175 deletions(-)

-- 
2.9.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ