From: Ilya Lesokhin <ilyal@mellanox.com>
To: netdev@vger.kernel.org, davem@davemloft.net
Cc: davejwatson@fb.com, tom@herbertland.com,
hannes@stressinduktion.org, borisp@mellanox.com,
aviadye@mellanox.com, liranl@mellanox.com,
Ilya Lesokhin <ilyal@mellanox.com>
Subject: [PATCH v3 net-next 0/6] tls: Add generic NIC offload infrastructure
Date: Mon, 18 Dec 2017 13:10:27 +0200 [thread overview]
Message-ID: <20171218111033.13256-1-ilyal@mellanox.com> (raw)
Changes from v2:
- Fix sk use after free and possible netdev use after free
- tls device now keeps a refernce on the offloading netdev
- tls device registers to the netdev notifer.
Upon a NETDEV_DOWN event, offload is stopped and
the reference on the netdev is dropped.
- SW fallback support for skb->ip_summed != CHECKSUM_PARTIAL
- Merged TLS patches are no longer part of this series.
Changes from v1:
- Remove the binding of the socket to a specific netdev
through sk->sk_bound_dev_if.
Add a check in validate_xmit_skb to detect route changes
and call SW fallback code to do the crypto in software.
- tls_get_record now returns the tls record sequence number.
This is required to support connections with rcd_sn != iv.
- Bug fixes to the TLS code.
This patchset adds a generic infrastructure to offload TLS crypto to a
network devices.
patches 1-2 Export functions that we need
patch 3 adds infrastructue for offloaded socket fallback
patches 4-5 add new NDOs and capabilities.
patch 6 adds the TLS NIC offload infrastructure.
Github with mlx5e TLS offload support:
https://github.com/Mellanox/tls-offload/tree/tls_device_v3
Paper: https://www.netdevconf.org/1.2/papers/netdevconf-TLS.pdf
Ilya Lesokhin (6):
tcp: Add clean acked data hook
net: Rename and export copy_skb_header
net: Add SW fallback infrastructure for offloaded sockets
net: Add TLS offload netdev ops
net: Add TLS TX offload features
tls: Add generic NIC offload infrastructure.
include/linux/netdev_features.h | 2 +
include/linux/netdevice.h | 23 ++
include/linux/skbuff.h | 1 +
include/net/inet_connection_sock.h | 2 +
include/net/sock.h | 17 +
include/net/tls.h | 62 ++-
net/core/dev.c | 4 +
net/core/ethtool.c | 1 +
net/core/skbuff.c | 9 +-
net/ipv4/tcp_input.c | 3 +
net/tls/Kconfig | 9 +
net/tls/Makefile | 3 +
net/tls/tls_device.c | 800 +++++++++++++++++++++++++++++++++++++
net/tls/tls_device_fallback.c | 405 +++++++++++++++++++
net/tls/tls_main.c | 33 +-
15 files changed, 1363 insertions(+), 11 deletions(-)
create mode 100644 net/tls/tls_device.c
create mode 100644 net/tls/tls_device_fallback.c
--
2.15.0.317.g14c63a9
next reply other threads:[~2017-12-18 11:10 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-18 11:10 Ilya Lesokhin [this message]
2017-12-18 11:10 ` [PATCH v3 net-next 1/6] tcp: Add clean acked data hook Ilya Lesokhin
2017-12-19 19:13 ` Eric Dumazet
2017-12-19 19:21 ` Ilya Lesokhin
2017-12-19 19:28 ` Eric Dumazet
2017-12-19 19:43 ` Ilya Lesokhin
2017-12-18 11:10 ` [PATCH v3 net-next 2/6] net: Rename and export copy_skb_header Ilya Lesokhin
2017-12-18 11:10 ` [PATCH v3 net-next 3/6] net: Add SW fallback infrastructure for offloaded sockets Ilya Lesokhin
2017-12-18 19:18 ` Marcelo Ricardo Leitner
2017-12-19 7:51 ` Ilya Lesokhin
2017-12-19 15:05 ` Marcelo Ricardo Leitner
2017-12-19 19:12 ` Eric Dumazet
2017-12-19 19:15 ` Ilya Lesokhin
2017-12-18 11:10 ` [PATCH v3 net-next 4/6] net: Add TLS offload netdev ops Ilya Lesokhin
2017-12-18 11:10 ` [PATCH v3 net-next 5/6] net: Add TLS TX offload features Ilya Lesokhin
2017-12-18 11:10 ` [PATCH v3 net-next 6/6] tls: Add generic NIC offload infrastructure Ilya Lesokhin
2017-12-18 19:53 ` Marcelo Ricardo Leitner
2017-12-19 7:31 ` Ilya Lesokhin
2017-12-19 15:11 ` Marcelo Ricardo Leitner
2017-12-19 15:38 ` Ilya Lesokhin
2017-12-19 16:18 ` Marcelo Ricardo Leitner
2017-12-19 7:00 ` kbuild test robot
2017-12-19 7:01 ` kbuild test robot
2017-12-19 8:17 ` [RFC PATCH] tls: tls_sw_fallback() can be static kbuild test robot
2017-12-19 8:17 ` [PATCH v3 net-next 6/6] tls: Add generic NIC offload infrastructure kbuild test robot
2017-12-18 17:10 ` [PATCH v3 net-next 0/6] " Jiri Pirko
2017-12-19 10:30 ` Jiri Pirko
2017-12-20 8:28 ` Boris Pismenny
2017-12-20 10:08 ` Jiri Pirko
2017-12-20 10:15 ` Or Gerlitz
2017-12-20 10:31 ` Or Gerlitz
2017-12-20 16:12 ` David Miller
2017-12-20 16:23 ` Ilya Lesokhin
2017-12-20 16:36 ` David Miller
2017-12-20 19:12 ` Jiri Pirko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171218111033.13256-1-ilyal@mellanox.com \
--to=ilyal@mellanox.com \
--cc=aviadye@mellanox.com \
--cc=borisp@mellanox.com \
--cc=davejwatson@fb.com \
--cc=davem@davemloft.net \
--cc=hannes@stressinduktion.org \
--cc=liranl@mellanox.com \
--cc=netdev@vger.kernel.org \
--cc=tom@herbertland.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.