| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 6 Feb 2022 17:36:09 +0200
From: Ido Schimmel <idosch@...dia.com>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org, petrm@...dia.com,
danieller@...dia.com, mlxsw@...dia.com,
Ido Schimmel <idosch@...dia.com>
Subject: [PATCH net-next 0/4] mlxsw: Add SIP and DIP mangling support
Danielle says:
On Spectrum-2 onwards, it is possible to overwrite SIP and DIP address
of an IPv4 or IPv6 packet in the ACL engine. That corresponds to pedit
munges of, respectively, ip src and ip dst fields, and likewise for ip6.
Offload these munges on the systems where they are supported.
Patchset overview:
Patch #1: introduces SIP_DIP_ACTION and its fields.
Patch #2-#3: adds the new pedit fields, and dispatches on them on
Spectrum-2 and above.
Patch #4 adds a selftest.
Danielle Ratson (4):
mlxsw: core_acl_flex_actions: Add SIP_DIP_ACTION
mlxsw: Support FLOW_ACTION_MANGLE for SIP and DIP IPv4 addresses
mlxsw: Support FLOW_ACTION_MANGLE for SIP and DIP IPv6 addresses
selftests: forwarding: Add a test for pedit munge SIP and DIP
.../mellanox/mlxsw/core_acl_flex_actions.c | 77 +++++++
.../mellanox/mlxsw/core_acl_flex_actions.h | 3 +
.../net/ethernet/mellanox/mlxsw/spectrum.h | 25 ++-
.../ethernet/mellanox/mlxsw/spectrum_acl.c | 91 +++++++-
.../ethernet/mellanox/mlxsw/spectrum_flower.c | 6 +
.../selftests/net/forwarding/pedit_ip.sh | 201 ++++++++++++++++++
6 files changed, 394 insertions(+), 9 deletions(-)
create mode 100755 tools/testing/selftests/net/forwarding/pedit_ip.sh
--
2.33.1
Powered by blists - more mailing lists