| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230329100557.40890e35@kernel.org>
Date: Wed, 29 Mar 2023 10:05:57 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Dima Chumak <dchumak@...dia.com>
Cc: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>, Jiri Pirko <jiri@...nulli.us>,
Leon Romanovsky <leon@...nel.org>,
Saeed Mahameed <saeedm@...dia.com>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next 0/4] devlink: Add port function attributes to
enable/disable IPsec crypto and packet offloads
On Wed, 29 Mar 2023 09:42:51 +0200 Dima Chumak wrote:
> > Is it fine grained? How many keys can each VF allocate?
>
> When I referred to "fine grained" control, I was talking about the
> different types of IPsec offload (crypto and packet offload) in the
> software stack. Specifically, the ip xfrm command has sub-commands for
> "state" and "policy" that have an "offload" parameter. With ip xfrm
> state, both crypto and packet offload types are supported, while ip xfrm
> policy can only be offloaded in packet mode.
>
> The goal is to provide a similar level of granularity for controlling VF
> IPsec offload capabilities, which would be consistent with the software
> model. This will allow users to decide if they want both types of
> offload enabled for a VF, just one of them, or none at all (which is the
> default).
Ack, please add a reference or explanation somewhere and fix
the posting.
Powered by blists - more mailing lists