[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200308.211641.1162682781638307360.davem@davemloft.net>
Date: Sun, 08 Mar 2020 21:16:41 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: rohitm@...lsio.com
Cc: borisp@...lanox.com, netdev@...r.kernel.org,
herbert@...dor.apana.org.au, kuba@...nel.org, secdev@...lsio.com,
varun@...lsio.com
Subject: Re: [PATCH net-next v4 0/6] cxgb4/chcr: ktls tx ofld support on T6
adapter
From: Rohit Maheshwari <rohitm@...lsio.com>
Date: Sat, 7 Mar 2020 20:06:02 +0530
> This series of patches add support for kernel tls offload in Tx direction,
> over Chelsio T6 NICs. SKBs marked as decrypted will be treated as tls plain
> text packets and then offloaded to encrypt using network device (chelsio T6
> adapter).
>
> This series is broken down as follows:
>
> Patch 1 defines a new macro and registers tls_dev_add and tls_dev_del
> callbacks. When tls_dev_add gets called we send a connection request to
> our hardware and to make HW understand about tls offload. Its a partial
> connection setup and only ipv4 part is done.
>
> Patch 2 handles the HW response of the connection request and then we
> request to update TCB and handle it's HW response as well. Also we save
> crypto key locally. Only supporting TLS_CIPHER_AES_GCM_128_KEY_SIZE.
>
> Patch 3 handles tls marked skbs (decrypted bit set) and sends it to ULD for
> crypto handling. This code has a minimal portion of tx handler, to handle
> only one complete record per skb.
>
> Patch 4 hanldes partial end part of records. Also added logic to handle
> multiple records in one single skb. It also adds support to send out tcp
> option(/s) if exists in skb. If a record is partial but has end part of a
> record, we'll fetch complete record and then only send it to HW to generate
> HASH on complete record.
>
> Patch 5 handles partial first or middle part of record, it uses AES_CTR to
> encrypt the partial record. If we are trying to send middle record, it's
> start should be 16 byte aligned, so we'll fetch few earlier bytes from the
> record and then send it to HW for encryption.
>
> Patch 6 enables ipv6 support and also includes ktls startistics.
>
> v1->v2:
> - mark tcb state to close in tls_dev_del.
> - u_ctx is now picked from adapter structure.
> - clear atid in case of failure.
> - corrected ULP_CRYPTO_KTLS_INLINE value.
> - optimized tcb update using control queue.
> - state machine handling when earlier states received.
> - chcr_write_cpl_set_tcb_ulp function is shifted to patch3.
> - un-necessary updating left variable.
>
> v2->v3:
> - add empty line after variable declaration.
> - local variable declaration in reverse christmas tree ordering.
>
> v3->v4:
> - replaced kfree_skb with dev_kfree_skb_any.
> - corrected error message reported by kbuild test robot <lkp@...el.com>
> - mss calculation logic.
> - correct place for Alloc skb check.
> - Replaced atomic_t with atomic64_t
> - added few more statistics counters.
Series applied, thank you.
Powered by blists - more mailing lists