lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAOb+sWGK5ufBSBDkhXfwJTH+C9Jpa+0qCVvf=9RW1GQig9Vosw@mail.gmail.com>
Date: Tue, 15 Apr 2025 11:03:31 +0800
From: Chiachang Wang <chiachangwang@...gle.com>
To: netdev@...r.kernel.org, steffen.klassert@...unet.com, leonro@...dia.com
Cc: stanleyjhu@...gle.com, yumike@...gle.com
Subject: Re: [PATCH ipsec-next v5 0/2] Update offload configuration with SA

Hi Steffen,

I understand you may be occupied by other works. I would like to reach
out to you as this was uploaded for around a month.
May I know if you have any review comment for this patchset ?

Thank you.
Chiachang

Chiachang Wang <chiachangwang@...gle.com> 於 2025年3月13日 週四 上午10:36寫道:

>
> The current Security Association (SA) offload setting
> cannot be modified without removing and re-adding the
> SA with the new configuration. Although existing netlink
> messages allow SA migration, the offload setting will
> be removed after migration.
>
> This patchset enhances SA migration to include updating
> the offload setting. This is beneficial for devices that
> support IPsec session management.
>
> Chiachang Wang (2):
>   xfrm: Migrate offload configuration
>   xfrm: Refactor migration setup during the cloning process
>
>  include/net/xfrm.h     |  8 ++++++--
>  net/key/af_key.c       |  2 +-
>  net/xfrm/xfrm_policy.c |  4 ++--
>  net/xfrm/xfrm_state.c  | 24 ++++++++++++++++--------
>  net/xfrm/xfrm_user.c   | 15 ++++++++++++---
>  5 files changed, 37 insertions(+), 16 deletions(-)
>
> ---
> v4 -> v5:
>  - Remove redundant xfrm_migrate pointer validation in the
>    xfrm_state_clone_and_setup() method
> v3 -> v4:
>  - Change the target tree to ipsec-next
>  - Rebase commit to adopt updated xfrm_init_state()
>  - Remove redundant variable to rely on validiaty of pointer
>  - Refactor xfrm_migrate copy into xfrm_state_clone and rename the
>    method
> v2 -> v3:
>  - Update af_key.c to address kbuild error
> v1 -> v2:
>  - Revert "xfrm: Update offload configuration during SA update"
>    change as the patch can be protentially handled in the
>    hardware without the change.
>  - Address review feedback to correct the logic in the
>    xfrm_state_migrate in the migration offload configuration
>    change.
>  - Revise the commit message for "xfrm: Migrate offload configuration"
> --
> 2.49.0.rc1.451.g8f38331e32-goog
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ