| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Aug 2022 13:37:48 +0300
From: Leon Romanovsky <leon@...nel.org>
To: Steffen Klassert <steffen.klassert@...unet.com>,
"David S . Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Saeed Mahameed <saeedm@...dia.com>
Cc: Leon Romanovsky <leonro@...dia.com>,
Eric Dumazet <edumazet@...gle.com>, netdev@...r.kernel.org,
Paolo Abeni <pabeni@...hat.com>, Raed Salem <raeds@...dia.com>,
ipsec-devel <devel@...ux-ipsec.org>
Subject: [PATCH xfrm-next 00/26] mlx5 IPsec full offload part
From: Leon Romanovsky <leonro@...dia.com>
Hi,
This is supplementary part of "Extend XFRM core to allow full offload configuration"
series https://lore.kernel.org/all/cover.1660639789.git.leonro@nvidia.com
The series starts from very basic cleanup, continues with code alignment and
adds IPsec full offload logic to mlx5 driver.
Thanks
Leon Romanovsky (25):
net/mlx5: Delete esp_id field that is not used
net/mlx5: Add HW definitions for IPsec full offload
net/mlx5: Remove from FPGA IFC file not-needed definitions
net/mlx5e: Advertise IPsec full offload support
net/mlx5e: Store replay window in XFRM attributes
net/mlx5e: Remove extra layers of defines
net/mlx5e: Create symmetric IPsec RX and TX flow steering structs
net/mlx5e: Use mlx5 print routines for low level IPsec code
net/mlx5e: Remove accesses to priv for low level IPsec FS code
net/mlx5e: Validate that IPsec full offload can handle packets
net/mlx5e: Create Advanced Steering Operation object for IPsec
net/mlx5e: Create hardware IPsec full offload objects
net/mlx5e: Move IPsec flow table creation to separate function
net/mlx5e: Refactor FTE setup code to be more clear
net/mlx5e: Flatten the IPsec RX add rule path
net/mlx5e: Make clear what IPsec rx_err does
net/mlx5e: Group IPsec miss handles into separate struct
net/mlx5e: Generalize creation of default IPsec miss group and rule
net/mlx5e: Create IPsec policy offload tables
net/mlx5e: Add XFRM policy offload logic
net/mlx5e: Use same coding pattern for Rx and Tx flows
net/mlx5e: Configure IPsec full offload flow steering
net/mlx5e: Improve IPsec flow steering autogroup
net/mlx5e: Skip IPsec encryption for TX path without matching policy
net/mlx5e: Open mlx5 driver to accept IPsec full offload
Raed Salem (1):
net/mlx5e: Add statistics for Rx/Tx IPsec offloaded flows
.../net/ethernet/mellanox/mlx5/core/en/fs.h | 3 +-
.../mellanox/mlx5/core/en_accel/ipsec.c | 209 +++-
.../mellanox/mlx5/core/en_accel/ipsec.h | 93 +-
.../mellanox/mlx5/core/en_accel/ipsec_fs.c | 1066 ++++++++++++-----
.../mlx5/core/en_accel/ipsec_offload.c | 81 +-
.../mellanox/mlx5/core/en_accel/ipsec_stats.c | 52 +
.../ethernet/mellanox/mlx5/core/en_stats.c | 1 +
.../ethernet/mellanox/mlx5/core/en_stats.h | 1 +
.../net/ethernet/mellanox/mlx5/core/fs_core.c | 6 +-
include/linux/mlx5/fs.h | 5 +-
include/linux/mlx5/mlx5_ifc.h | 71 +-
include/linux/mlx5/mlx5_ifc_fpga.h | 24 -
12 files changed, 1223 insertions(+), 389 deletions(-)
--
2.37.2
Powered by blists - more mailing lists