lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 6 Feb 2022 17:36:09 +0200 From: Ido Schimmel <idosch@...dia.com> To: netdev@...r.kernel.org Cc: davem@...emloft.net, kuba@...nel.org, petrm@...dia.com, danieller@...dia.com, mlxsw@...dia.com, Ido Schimmel <idosch@...dia.com> Subject: [PATCH net-next 0/4] mlxsw: Add SIP and DIP mangling support Danielle says: On Spectrum-2 onwards, it is possible to overwrite SIP and DIP address of an IPv4 or IPv6 packet in the ACL engine. That corresponds to pedit munges of, respectively, ip src and ip dst fields, and likewise for ip6. Offload these munges on the systems where they are supported. Patchset overview: Patch #1: introduces SIP_DIP_ACTION and its fields. Patch #2-#3: adds the new pedit fields, and dispatches on them on Spectrum-2 and above. Patch #4 adds a selftest. Danielle Ratson (4): mlxsw: core_acl_flex_actions: Add SIP_DIP_ACTION mlxsw: Support FLOW_ACTION_MANGLE for SIP and DIP IPv4 addresses mlxsw: Support FLOW_ACTION_MANGLE for SIP and DIP IPv6 addresses selftests: forwarding: Add a test for pedit munge SIP and DIP .../mellanox/mlxsw/core_acl_flex_actions.c | 77 +++++++ .../mellanox/mlxsw/core_acl_flex_actions.h | 3 + .../net/ethernet/mellanox/mlxsw/spectrum.h | 25 ++- .../ethernet/mellanox/mlxsw/spectrum_acl.c | 91 +++++++- .../ethernet/mellanox/mlxsw/spectrum_flower.c | 6 + .../selftests/net/forwarding/pedit_ip.sh | 201 ++++++++++++++++++ 6 files changed, 394 insertions(+), 9 deletions(-) create mode 100755 tools/testing/selftests/net/forwarding/pedit_ip.sh -- 2.33.1
Powered by blists - more mailing lists