lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <cover.1681388425.git.leonro@nvidia.com>
Date:   Thu, 13 Apr 2023 15:29:18 +0300
From:   Leon Romanovsky <leon@...nel.org>
To:     "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>
Cc:     Leon Romanovsky <leonro@...dia.com>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        netdev@...r.kernel.org, Saeed Mahameed <saeedm@...dia.com>,
        Raed Salem <raeds@...dia.com>, Emeel Hakim <ehakim@...dia.com>,
        Simon Horman <simon.horman@...igine.com>
Subject: [PATCH net-next v1 00/10] Support tunnel mode in mlx5 IPsec packet offload

From: Leon Romanovsky <leonro@...dia.com>

Changelog:
v1:
 * Added Simon's ROB tags
 * Changed some hard coded values to be defines
 * Dropped custom MAC header struct in favor of struct ethhdr
 * Fixed missing returned error
 * Changed "void *" casting to "struct ethhdr *" casting
v0: https://lore.kernel.org/all/cover.1681106636.git.leonro@nvidia.com

---------------------------------------------------------------------
Hi,

This series extends mlx5 to support tunnel mode in its IPsec packet
offload implementation.

Thanks

---------------------------------------------------------------------
I would like to ask to apply it directly to netdev tree as PR is not
really needed here.
---------------------------------------------------------------------

Leon Romanovsky (10):
  net/mlx5e: Add IPsec packet offload tunnel bits
  net/mlx5e: Check IPsec packet offload tunnel capabilities
  net/mlx5e: Configure IPsec SA tables to support tunnel mode
  net/mlx5e: Prepare IPsec packet reformat code for tunnel mode
  net/mlx5e: Support IPsec RX packet offload in tunnel mode
  net/mlx5e: Support IPsec TX packet offload in tunnel mode
  net/mlx5e: Listen to ARP events to update IPsec L2 headers in tunnel
    mode
  net/mlx5: Allow blocking encap changes in eswitch
  net/mlx5e: Create IPsec table with tunnel support only when encap is
    disabled
  net/mlx5e: Accept tunnel mode for IPsec packet offload

 .../mellanox/mlx5/core/en_accel/ipsec.c       | 202 ++++++++++++++-
 .../mellanox/mlx5/core/en_accel/ipsec.h       |  11 +-
 .../mellanox/mlx5/core/en_accel/ipsec_fs.c    | 239 +++++++++++++++---
 .../mlx5/core/en_accel/ipsec_offload.c        |   6 +
 .../net/ethernet/mellanox/mlx5/core/eswitch.h |  14 +
 .../mellanox/mlx5/core/eswitch_offloads.c     |  48 ++++
 include/linux/mlx5/mlx5_ifc.h                 |   8 +-
 7 files changed, 481 insertions(+), 47 deletions(-)

-- 
2.39.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ