lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Nov 2017 17:06:38 -0800 From: Jakub Kicinski <jakub.kicinski@...ronome.com> To: netdev@...r.kernel.org Cc: oss-drivers@...ronome.com, Jakub Kicinski <jakub.kicinski@...ronome.com> Subject: [PATCH net 0/5] nfp: flower fixes and typo in ethtool stats name Hi! This set comes from the flower offload team. From Pieter we have a fix to the semantics of the flag telling FW whether to allocate or free a mask and correction of a typo in name of one of the MAC statistics (reveive -> received, we use past participle to match HW docs). Dirk fixes propagation of max MTU to representors. John improves VXLAN offload. The old code was not using egress_dev at all, so Jiri missed it in his conversion. The validation of ingress port is still not perfect, we will have to wait for shared block dust to settle to tackle it. This is how John explains the cases: The following example rule is now correctly offloaded in net-next kernel: tc filter add dev vxlan0 ... enc_dst_port 4789 ... skip_sw \ action redirect dev nfp_p0 The following rule will not be offloaded to the NFP (previously it incorrectly matched vxlan packets - it shouldn't as ingress dev is not a vxlan netdev): tc filter add dev nfp_p0 ... enc_dst_port 4789 ... skip_sw \ action redirect dev nfp_p0 Rules that are not matching on tunnels and are an egress offload are rejected. The standard match code assumes the offloaded repr is the ingress port. Rejecting egress offloads removes the chances of false interpretation of the rules on the NFP. A know issue is that the following rule example could still be offloaded and incorrectly match tunnel data: tc filter add dev dummy ... enc_dst_port 4789 ... skip_sw \ action redirect dev nfp_p0 Because the egress register callback does not give information on the ingress netdev, the patch assumes that if it is not a repr then it is the correct tunnel netdev. This may not be the case. The chances of this happening is reduced as it is enforced that the rule match on the well known vxlan port but it is still possible. Dirk van der Merwe (1): nfp: inherit the max_mtu from the PF netdev John Hurley (2): nfp: register flower reprs for egress dev offload nfp: remove false positive offloads in flower vxlan Pieter Jansen van Vuuren (2): nfp: fix flower offload metadata flag usage nfp: fix vlan receive MAC statistics typo drivers/net/ethernet/netronome/nfp/flower/main.c | 18 +++++++++++ drivers/net/ethernet/netronome/nfp/flower/main.h | 5 +-- .../net/ethernet/netronome/nfp/flower/metadata.c | 7 +++-- .../net/ethernet/netronome/nfp/flower/offload.c | 36 ++++++++++++++++++---- drivers/net/ethernet/netronome/nfp/nfp_app.h | 20 ++++++++++++ .../net/ethernet/netronome/nfp/nfp_net_ethtool.c | 2 +- drivers/net/ethernet/netronome/nfp/nfp_net_repr.c | 11 ++++++- drivers/net/ethernet/netronome/nfp/nfp_port.h | 2 +- 8 files changed, 88 insertions(+), 13 deletions(-) -- 2.14.1
Powered by blists - more mailing lists