lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190116030659.27755-1-jakub.kicinski@netronome.com>
Date:   Tue, 15 Jan 2019 19:06:50 -0800
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     davem@...emloft.net
Cc:     oss-drivers@...ronome.com, netdev@...r.kernel.org,
        Jakub Kicinski <jakub.kicinski@...ronome.com>
Subject: [PATCH net-next 0/9] nfp: flower: improve flower resilience

Hi!

This series contains mostly changes which improve nfp flower
offload's resilience, but are too large or risky to push into net.

Fred makes the driver waits for flower FW responses uninterruptible,
and a little longer (~40ms).

Pieter adds support for cards with multiple rule memories.

John reworks the MAC offloads.  He says:
> When potential tunnel end-point MACs are offloaded, they are assigned an
> index. This index may be associated with a port number meaning that if a
> packet matches an offloaded MAC address on the card, then the ingress
> port for that MAC can also be verified. In the case of shared MACs (e.g.
> on a linux bond) there may be situations where this index maps to only
> one of the ports that share the MAC.
> 
> The idea of 'global' MAC indexes are supported that bypass the check on
> ingress port on the NFP. The patchset tracks shared MACs and assigns
> global indexes to these. It also ensures that port based indexes are
> re-applied if a single port becomes the only user of an offloaded MAC.
> 
> Other patches in the set aim to tidy code without changing functionality.
> There is also a delete offload message introduced to ensure that MACs no
> longer in use in kernel space are removed from the firmware lookup tables.

Fred Lotter (1):
  nfp: flower: increase cmesg reply timeout

John Hurley (7):
  nfp: flower: tidy tunnel related private data
  nfp: flower: ignore offload of VF and PF repr MAC addresses
  nfp: flower: remove list infastructure from MAC offload
  nfp: flower: ensure deletion of old offloaded MACs
  nfp: flower: add infastructure for non-repr priv data
  nfp: flower: ensure MAC cleanup on address change
  nfp: flower: enable MAC address sharing for offloadable devs

Pieter Jansen van Vuuren (1):
  nfp: flower: support multiple memory units for filter offloads

 .../net/ethernet/netronome/nfp/flower/cmsg.c  |   2 +-
 .../net/ethernet/netronome/nfp/flower/cmsg.h  |   3 +
 .../net/ethernet/netronome/nfp/flower/main.c  | 109 +++-
 .../net/ethernet/netronome/nfp/flower/main.h  |  89 ++-
 .../net/ethernet/netronome/nfp/flower/match.c |   3 -
 .../ethernet/netronome/nfp/flower/metadata.c  |  27 +-
 .../netronome/nfp/flower/tunnel_conf.c        | 612 +++++++++++-------
 7 files changed, 573 insertions(+), 272 deletions(-)

-- 
2.19.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ