| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Jan 2019 19:06:50 -0800
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: davem@...emloft.net
Cc: oss-drivers@...ronome.com, netdev@...r.kernel.org,
Jakub Kicinski <jakub.kicinski@...ronome.com>
Subject: [PATCH net-next 0/9] nfp: flower: improve flower resilience
Hi!
This series contains mostly changes which improve nfp flower
offload's resilience, but are too large or risky to push into net.
Fred makes the driver waits for flower FW responses uninterruptible,
and a little longer (~40ms).
Pieter adds support for cards with multiple rule memories.
John reworks the MAC offloads. He says:
> When potential tunnel end-point MACs are offloaded, they are assigned an
> index. This index may be associated with a port number meaning that if a
> packet matches an offloaded MAC address on the card, then the ingress
> port for that MAC can also be verified. In the case of shared MACs (e.g.
> on a linux bond) there may be situations where this index maps to only
> one of the ports that share the MAC.
>
> The idea of 'global' MAC indexes are supported that bypass the check on
> ingress port on the NFP. The patchset tracks shared MACs and assigns
> global indexes to these. It also ensures that port based indexes are
> re-applied if a single port becomes the only user of an offloaded MAC.
>
> Other patches in the set aim to tidy code without changing functionality.
> There is also a delete offload message introduced to ensure that MACs no
> longer in use in kernel space are removed from the firmware lookup tables.
Fred Lotter (1):
nfp: flower: increase cmesg reply timeout
John Hurley (7):
nfp: flower: tidy tunnel related private data
nfp: flower: ignore offload of VF and PF repr MAC addresses
nfp: flower: remove list infastructure from MAC offload
nfp: flower: ensure deletion of old offloaded MACs
nfp: flower: add infastructure for non-repr priv data
nfp: flower: ensure MAC cleanup on address change
nfp: flower: enable MAC address sharing for offloadable devs
Pieter Jansen van Vuuren (1):
nfp: flower: support multiple memory units for filter offloads
.../net/ethernet/netronome/nfp/flower/cmsg.c | 2 +-
.../net/ethernet/netronome/nfp/flower/cmsg.h | 3 +
.../net/ethernet/netronome/nfp/flower/main.c | 109 +++-
.../net/ethernet/netronome/nfp/flower/main.h | 89 ++-
.../net/ethernet/netronome/nfp/flower/match.c | 3 -
.../ethernet/netronome/nfp/flower/metadata.c | 27 +-
.../netronome/nfp/flower/tunnel_conf.c | 612 +++++++++++-------
7 files changed, 573 insertions(+), 272 deletions(-)
--
2.19.2
Powered by blists - more mailing lists