| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190605211143.29689-1-jakub.kicinski@netronome.com>
Date: Wed, 5 Jun 2019 14:11:30 -0700
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: davem@...emloft.net
Cc: netdev@...r.kernel.org, oss-drivers@...ronome.com,
alexei.starovoitov@...il.com,
Jakub Kicinski <jakub.kicinski@...ronome.com>
Subject: [PATCH net-next 00/13] nfp: tls: add basic TX offload
Hi!
This series adds initial TLS offload support to the nfp driver.
Only TX side is added for now. We need minor adjustments to
the core tls code:
- expose the per-skb fallback helper;
- grow the driver context slightly;
- add a helper to get to the driver state more easily.
We only support TX offload for now, and only if all packets
keep coming in order. For retransmissions we use the
aforementioned software fallback, and in case there are
local drops we completely give up on given TCP stream.
This will obviously be improved soon, this patch set is the
minimal, functional yet easily reviewable chunk.
Dirk van der Merwe (3):
net/tls: export TLS per skb encryption
nfp: tls: add datapath support for TLS TX
nfp: tls: add/delete TLS TX connections
Jakub Kicinski (10):
nfp: count all failed TX attempts as errors
nfp: make bar_lock a semaphore
nfp: parse the mailbox cmsg TLV
nfp: add support for sending control messages via mailbox
nfp: parse crypto opcode TLV
nfp: add tls init code
nfp: prepare for more TX metadata prepend
net/tls: split the TLS_DRIVER_STATE_SIZE and bump TX to 16 bytes
net/tls: simplify driver context retrieval
nfp: tls: add basic statistics
drivers/net/ethernet/netronome/Kconfig | 1 +
drivers/net/ethernet/netronome/nfp/Makefile | 6 +
drivers/net/ethernet/netronome/nfp/ccm.c | 3 -
drivers/net/ethernet/netronome/nfp/ccm.h | 48 +-
drivers/net/ethernet/netronome/nfp/ccm_mbox.c | 591 ++++++++++++++++++
.../ethernet/netronome/nfp/crypto/crypto.h | 23 +
.../net/ethernet/netronome/nfp/crypto/fw.h | 82 +++
.../net/ethernet/netronome/nfp/crypto/tls.c | 429 +++++++++++++
drivers/net/ethernet/netronome/nfp/nfp_net.h | 48 +-
.../ethernet/netronome/nfp/nfp_net_common.c | 147 ++++-
.../net/ethernet/netronome/nfp/nfp_net_ctrl.c | 15 +
.../net/ethernet/netronome/nfp/nfp_net_ctrl.h | 21 +
.../ethernet/netronome/nfp/nfp_net_ethtool.c | 16 +-
include/net/tls.h | 32 +-
net/tls/tls_device_fallback.c | 6 +
15 files changed, 1421 insertions(+), 47 deletions(-)
create mode 100644 drivers/net/ethernet/netronome/nfp/ccm_mbox.c
create mode 100644 drivers/net/ethernet/netronome/nfp/crypto/crypto.h
create mode 100644 drivers/net/ethernet/netronome/nfp/crypto/fw.h
create mode 100644 drivers/net/ethernet/netronome/nfp/crypto/tls.c
--
2.21.0
Powered by blists - more mailing lists