| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <cover.1680162300.git.leonro@nvidia.com>
Date: Thu, 30 Mar 2023 11:02:21 +0300
From: Leon Romanovsky <leon@...nel.org>
To: Paolo Abeni <pabeni@...hat.com>, Jakub Kicinski <kuba@...nel.org>,
"David S . Miller" <davem@...emloft.net>
Cc: Leon Romanovsky <leonro@...dia.com>,
Saeed Mahameed <saeedm@...dia.com>,
linux-netdev <netdev@...r.kernel.org>,
Raed Salem <raeds@...dia.com>,
Eric Dumazet <edumazet@...gle.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
Steffen Klassert <steffen.klassert@...unet.com>
Subject: [PATCH net-next 00/10] Improve IPsec limits, ESN and replay window in mlx5
From: Leon Romanovsky <leonro@...dia.com>
Hi,
This series overcomes existing hardware limitations in Mellanox ConnectX
devices around handling IPsec soft and hard limits.
In addition, the ESN logic is tied and added an interface to configure
replay window sequence numbers through existing iproute2 interface.
ip xfrm state ... [ replay-seq SEQ ] [ replay-oseq SEQ ]
[ replay-seq-hi SEQ ] [ replay-oseq-hi SEQ ]
Thanks
Leon Romanovsky (10):
net/mlx5e: Factor out IPsec ASO update function
net/mlx5e: Prevent zero IPsec soft/hard limits
net/mlx5e: Add SW implementation to support IPsec 64 bit soft and hard
limits
net/mlx5e: Overcome slow response for first IPsec ASO WQE
xfrm: don't require advance ESN callback for packet offload
net/mlx5e: Remove ESN callbacks if it is not supported
net/mlx5e: Set IPsec replay sequence numbers
net/mlx5e: Reduce contention in IPsec workqueue
net/mlx5e: Generalize IPsec work structs
net/mlx5e: Simulate missing IPsec TX limits hardware functionality
.../mellanox/mlx5/core/en_accel/ipsec.c | 329 +++++++++++++++---
.../mellanox/mlx5/core/en_accel/ipsec.h | 47 ++-
.../mellanox/mlx5/core/en_accel/ipsec_fs.c | 31 +-
.../mlx5/core/en_accel/ipsec_offload.c | 198 ++++++++---
net/xfrm/xfrm_device.c | 2 +-
5 files changed, 496 insertions(+), 111 deletions(-)
--
2.39.2
Powered by blists - more mailing lists