lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171215091308.23626-1-steffen.klassert@secunet.com>
Date:   Fri, 15 Dec 2017 10:13:03 +0100
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     <netdev@...r.kernel.org>
CC:     Steffen Klassert <steffen.klassert@...unet.com>
Subject: [PATCH RFC v2 0/5] Support asynchronous crypto for IPsec GSO.

This patchset implements asynchronous crypto handling
in the layer 2 TX path. With this we can allow IPsec
ESP GSO for software crypto. This also merges the IPsec
GSO and non-GSO paths to both use validate_xmit_xfrm().

1) Separate ESP handling from segmentation for GRO packets.
   This unifies the IPsec GSO and non GSO codepath.

2) Add asynchronous callbacks for xfrm on layer 2. This
   adds the necessary infrastructure to core networking.

3) Allow to use the layer2 IPsec GSO codepath for software
   crypto, all infrastructure is there now.

4) Also allow IPsec GSO with software crypto for local sockets.

5) Don't require synchronous crypto fallback on IPsec offloading,
   it is not needed anymore.

I plan to merge this to ipsec-next during this development cycle.

Changes from v1:

- Resolve conflicts with the lockless qdisc patchset.

- Fix compilation error when CONFIG_XFRM is not set.

- Order local local variables of new functions in reverse christmas
  tree ordering.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ