From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ilya Lesokhin
Subject: [PATCH v3 net-next 0/6] tls: Add generic NIC offload infrastructure
Date: Mon, 18 Dec 2017 13:10:27 +0200
Message-ID: <20171218111033.13256-1-ilyal@mellanox.com>
Cc: davejwatson@fb.com, tom@herbertland.com, hannes@stressinduktion.org, borisp@mellanox.com, aviadye@mellanox.com, liranl@mellanox.com, Ilya Lesokhin
To: netdev@vger.kernel.org, davem@davemloft.net
Return-path:
Received: from mail-il-dmz.mellanox.com ([193.47.165.129]:55102 "EHLO mellanox.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1757211AbdLRLKr (ORCPT ); Mon, 18 Dec 2017 06:10:47 -0500
Sender: netdev-owner@vger.kernel.org
List-ID:

Changes from v2:
- Fix sk use after free and possible netdev use after free
- tls device now keeps a reference on the offloading netdev
- tls device registers to the netdev notifier.
  Upon a NETDEV_DOWN event, offload is stopped and
  the reference on the netdev is dropped.
- SW fallback support for skb->ip_summed != CHECKSUM_PARTIAL
- Merged TLS patches are no longer part of this series.

Changes from v1:
- Remove the binding of the socket to a specific netdev
  through sk->sk_bound_dev_if.
  Add a check in validate_xmit_skb to detect route changes
  and call SW fallback code to do the crypto in software.
- tls_get_record now returns the tls record sequence number.
  This is required to support connections with rcd_sn != iv.
- Bug fixes to the TLS code.

This patchset adds a generic infrastructure to offload TLS crypto to
network devices.

patches 1-2 Export functions that we need
patch 3 adds infrastructure for offloaded socket fallback
patches 4-5 add new NDOs and capabilities.
patch 6 adds the TLS NIC offload infrastructure.

Github with mlx5e TLS offload support:
https://github.com/Mellanox/tls-offload/tree/tls_device_v3

Paper: https://www.netdevconf.org/1.2/papers/netdevconf-TLS.pdf

Ilya Lesokhin (6):
  tcp: Add clean acked data hook
  net: Rename and export copy_skb_header
  net: Add SW fallback infrastructure for offloaded sockets
  net: Add TLS offload netdev ops
  net: Add TLS TX offload features
  tls: Add generic NIC offload infrastructure.

 include/linux/netdev_features.h    |   2 +
 include/linux/netdevice.h          |  23 ++
 include/linux/skbuff.h             |   1 +
 include/net/inet_connection_sock.h |   2 +
 include/net/sock.h                 |  17 +
 include/net/tls.h                  |  62 ++-
 net/core/dev.c                     |   4 +
 net/core/ethtool.c                 |   1 +
 net/core/skbuff.c                  |   9 +-
 net/ipv4/tcp_input.c               |   3 +
 net/tls/Kconfig                    |   9 +
 net/tls/Makefile                   |   3 +
 net/tls/tls_device.c               | 800 +++++++++++++++++++++++++++++++++++++
 net/tls/tls_device_fallback.c      | 405 +++++++++++++++++++
 net/tls/tls_main.c                 |  33 +-
 15 files changed, 1363 insertions(+), 11 deletions(-)
 create mode 100644 net/tls/tls_device.c
 create mode 100644 net/tls/tls_device_fallback.c

--
2.15.0.317.g14c63a9