On Tue, 21 May 2019 16:06:33 -0700, Alexei Starovoitov wrote:
> clean up explored_states to prep for introduction of hashtable
> No functional changes.
>
> Signed-off-by: Alexei Starovoitov
> ---
> kernel/bpf/verifier.c | 30 +-
> 1 file changed, 21 insertions(+), 9 d
- add more words about fallback (Boris);
- note that checksum validation is required (Alexei);
- note that drivers shouldn't pay attention to the TLS
device features.
Signed-off-by: Jakub Kicinski
Acked-by: Dave Watson
Acked-by: Alexei Starovoitov
---
Documentation/networking
Convert the TLS doc to RST. Use C code blocks for the code
samples, and mark hyperlinks.
Signed-off-by: Jakub Kicinski
Acked-by: Dave Watson
Acked-by: Alexei Starovoitov
---
Documentation/networking/index.rst| 1 +
Documentation/networking/{tls.txt => tls.rst} |
vendors navigate the TLS offload, and
help ensure different implementations stay aligned from
user perspective.
v2:
- address Alexei's and Boris'es commands on patch 3.
Jakub Kicinski (3):
Documentation: net: move device drivers docs to a submenu
Documentation: tls: RSTify the ktls doc
Some of the device drivers have really long document titles
making the networking table of contents hard to look through.
Place vendor drivers under a submenu.
Signed-off-by: Jakub Kicinski
Acked-by: Dave Watson
Acked-by: Alexei Starovoitov
---
.../networking/device_drivers/index.rst
cleaned
up even if the TLS device features got cleared after
connection state was installed.
Jakub Kicinski (3):
net/tls: avoid NULL-deref on resync during device removal
net/tls: fix state removal with feature flags off
net/tls: don't ignore netdev notifications if no TLS features
ne
e, in next release cycle
it should be printed when features are disabled, rather
than when connection dies, but for that we need a more
efficient method of finding connection of a given netdev
(a'la BPF offload code).
Fixes: 4799ac81e52a ("tls: Add rx inline crypto offload")
Sign
)
does not dereference the pointer, it just checks it against
other device pointer, so it should be pretty safe (perhaps
we can add a READ_ONCE/WRITE_ONCE there, if paranoid).
Fixes: 4799ac81e52a ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der
eared.
Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure")
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
net/tls/tls_device.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
ind
On Thu, 09 May 2019 21:57:49 -0700, John Fastabend wrote:
> It is possible (via shutdown()) for TCP socks to go through TCP_CLOSE
> state via tcp_disconnect() without calling into close callback. This
> would allow a kTLS enabled socket to exist outside of ESTABLISHED
> state which is not supported
On Wed, 22 May 2019 14:53:50 +0200, Björn Töpel wrote:
> Shout out to all XDP driver hackers to check that the second patch
> doesn't break anything (especially Jakub). I've only been able to test
> on the Intel NICs.
Please test XDP offload on netdevsim, that's why we have it! :)
At the minimum p
On Wed, 22 May 2019 14:53:51 +0200, Björn Töpel wrote:
> From: Björn Töpel
>
> All XDP capable drivers need to implement the XDP_QUERY_PROG{,_HW}
> command of ndo_bpf. The query code is fairly generic. This commit
> refactors the query code up from the drivers to the netdev level.
>
> The struct
On Wed, 22 May 2019 11:25:02 +, Boris Pismenny wrote:
> > +Performance metrics
> > +===
> > +
> > +TLS offload can be characterized by the following basic metrics:
> > +
> > + * max connection count
> > + * connection installation rate
> > + * connection installation latency
> >
On Wed, 22 May 2019 22:54:44 +0200, Björn Töpel wrote:
> > > Now, the same commands give:
> > >
> > > # ip link set dev eth0 xdp obj foo.o sec main
> > > # ip link set dev eth0 xdpgeneric off
> > > Error: native and generic XDP can't be active at the same time.
> >
> > I'm not clear why thi
On Wed, 22 May 2019 14:57:33 -0700, John Fastabend wrote:
> Jakub Kicinski wrote:
> > On Thu, 09 May 2019 21:57:49 -0700, John Fastabend wrote:
>
> [...]
>
> >
> > Looks like David Beckett managed to trigger another nasty on the
> > release path :/
&
On Wed, 22 May 2019 22:37:16 +0100, Edward Cree wrote:
> * removed RFC tags
Why? There is still no upstream user for this (my previous
objections of this being only partially correct aside).
On Wed, 22 May 2019 12:50:51 -0700, Andrii Nakryiko wrote:
> Utilize new libbpf's btf_dump API to emit BTF as a C definitions.
>
> Signed-off-by: Andrii Nakryiko
> ---
> tools/bpf/bpftool/btf.c | 63 +++--
> 1 file changed, 60 insertions(+), 3 deletions(-)
>
On Wed, 22 May 2019 17:58:23 -0700, Andrii Nakryiko wrote:
> On Wed, May 22, 2019 at 5:25 PM Jakub Kicinski wrote:
> > On Wed, 22 May 2019 12:50:51 -0700, Andrii Nakryiko wrote:
> > > + * Copyright (C) 2019 Facebook
> > > + */
> > >
> > > #inclu
On Thu, 23 May 2019 09:19:49 -0400, Jamal Hadi Salim wrote:
> On 2019-05-22 6:20 p.m., Jakub Kicinski wrote:
> > On Wed, 22 May 2019 22:37:16 +0100, Edward Cree wrote:
> >> * removed RFC tags
> >
> > Why? There is still no upstream user for this (my previous
>
On Wed, 22 May 2019 21:43:43 -0700, Andrii Nakryiko wrote:
> On Wed, May 22, 2019 at 6:23 PM Jakub Kicinski wrote:
> > On Wed, 22 May 2019 17:58:23 -0700, Andrii Nakryiko wrote:
> > > On Wed, May 22, 2019 at 5:25 PM Jakub Kicinski wrote:
> > > > On Wed, 22 M
On Thu, 23 May 2019 17:21:49 +0100, Edward Cree wrote:
> On 22/05/2019 23:20, Jakub Kicinski wrote:
> > On Wed, 22 May 2019 22:37:16 +0100, Edward Cree wrote:
> >> * removed RFC tags
> > Why? There is still no upstream user for this
> Well, patch #2 updates driver
On Thu, 23 May 2019 17:40:08 +0100, Edward Cree wrote:
> On 23/05/2019 17:11, Jakub Kicinski wrote:
> > On Thu, 23 May 2019 09:19:49 -0400, Jamal Hadi Salim wrote:
> >> That would still work here, no? There will be some latency
> >> based on the frequency of har
On Thu, 23 May 2019 11:45:07 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Introduce a function to be called from drivers during flash. It sends
> notification to userspace about flash update progress.
>
> Signed-off-by: Jiri Pirko
Reviewed-by: Jakub Kicinski
Very cool!
On Thu, 23 May 2019 11:45:10 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Signed-off-by: Jiri Pirko
> ---
> drivers/net/netdevsim/dev.c | 35 +++
> 1 file changed, 35 insertions(+)
>
> diff --git a/drivers/net/netdevsim/dev.c b/drivers/net/netdevsim/dev.c
> i
On Thu, 23 May 2019 11:47:10 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Listen to status notifications coming from kernel during flashing and
> put them on stdout to inform user about the status.
>
> Signed-off-by: Jiri Pirko
> +static int cmd_dev_flash_status_cb(const struct nlmsghdr *nl
On Thu, 23 May 2019 09:20:52 -0700, Andrii Nakryiko wrote:
> On Thu, May 23, 2019 at 3:54 AM Quentin Monnet wrote:
> >
> > libbpf has three levels of priority for output messages: warn, info,
> > debug. By default, debug output is not printed to the console.
> >
> > Add a new "--debug" (short name:
On Thu, 23 May 2019 13:42:20 -0700, Andrii Nakryiko wrote:
> Utilize new libbpf's btf_dump API to emit BTF as a C definitions.
>
> Signed-off-by: Andrii Nakryiko
Acked-by: Jakub Kicinski
Thanks!
On Fri, 24 May 2019 10:11:10 +0200, Jiri Pirko wrote:
> Thu, May 23, 2019 at 05:19:46PM CEST, [email protected] wrote:
> >On 5/23/19 3:45 AM, Jiri Pirko wrote:
> >> @@ -57,11 +58,13 @@ static int mlxfw_fsm_state_wait(struct mlxfw_dev
> >> *mlxfw_dev, u32 fwhandle,
> >>if (fsm_state_err != ML
On Fri, 24 May 2019 14:57:24 +0100, Edward Cree wrote:
> On 24/05/2019 14:09, Edward Cree wrote:
> > I'll put together an RFC patch, anyway
> Argh, there's a problem: an action doesn't have a (directly) associated
> block, and all the TC offload machinery nowadays is built around blocks.
> Since
ass the original len.
E.g. if lowat is at 80, len is 100 and we had 30 bytes on rx_list
target would currently be incorrectly calculated as 70, even though
we only need 50 more bytes to make up the 80.
Fixes: 692d7b5d1f91 ("tls: Fix recvmsg() to be able to peek across multiple
records&q
Set SO_RCVLOWAT and test it gets respected when gathering
data from multiple records.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
tools/testing/selftests/net/tls.c | 19 +++
1 file changed, 19 insertions(+)
diff --git a/tools/testing/selftests/net/tls.c
put the process to sleep, but
rather return the partial read.
Patches 2 and 4 add test cases for these bugs, both will cause
a sleep and test timeout before the fix.
Jakub Kicinski (4):
net/tls: fix lowat calculation if some data came from previous record
selftests/tls: test for lowat overshoot
uot;tls: Fix recvmsg() to be able to peek across multiple
records")
Reported-by: David Beckett
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
Tested-by: David Beckett
---
net/tls/tls_sw.c | 8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/net/tls/
Add a test which sends 15 bytes of data, and then tries
to read 10 byes twice. Previously the second read would
sleep indifinitely, since the record was already decrypted
and there is only 5 bytes left, not full 10.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
tools
On Fri, 24 May 2019 18:27:39 +0100, Edward Cree wrote:
> On 24/05/2019 18:03, Jakub Kicinski wrote:
> > On Fri, 24 May 2019 14:57:24 +0100, Edward Cree wrote:
> >> Argh, there's a problem: an action doesn't have a (directly) associated
> >> block, and all
On Fri, 24 May 2019 12:18:32 +0200, Björn Töpel wrote:
> Maxim, this doesn't address the uapi concern we had on your v2.
> Please refer to Magnus' comment here [1].
>
> Please educate me why you cannot publish AF_XDP without the uapi change?
> It's an extension, right? If so, then existing XDP/AF_
On Sat, 25 May 2019 00:26:35 +0200, Jiri Pirko wrote:
> Fri, May 24, 2019 at 05:54:46PM CEST, [email protected] wrote:
> >On Fri, 24 May 2019 10:11:10 +0200, Jiri Pirko wrote:
> >> Thu, May 23, 2019 at 05:19:46PM CEST, [email protected] wrote:
> >> >On 5/23/19 3:45 AM, Jiri Pirko wro
On Tue, 28 May 2019 19:06:21 +0200, Björn Töpel wrote:
> On Wed, 22 May 2019 at 20:32, Jakub Kicinski wrote:
> > You should be able to just call install with the original flags, and
> > install handler should do the right maths again to direct it either to
> > drv or generic
On Tue, 28 May 2019 13:48:43 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Introduce a function to be called from drivers during flash. It sends
> notification to userspace about flash update progress.
>
> Signed-off-by: Jiri Pirko
Reviewed-by: Jakub Kicinski
On Tue, 28 May 2019 13:48:46 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Signed-off-by: Jiri Pirko
> ---
> v1->v2:
> - added debugfs toggle to enable/disable flash status notifications
Could you please add a selftest making use of netdevsim code?
Sorry, I must have liked the feature so muc
On Tue, 28 May 2019 10:46:44 -0700, Vedang Patel wrote:
> From: Vinicius Costa Gomes
>
> This adds the UAPI and the core bits necessary for userspace to
> request hardware offloading to be enabled.
>
> The future commits will enable hybrid or full offloading for taprio. This
> commit sets up the
On Wed, 29 May 2019 10:00:16 +0200, Jiri Pirko wrote:
> Tue, May 28, 2019 at 10:01:15PM CEST, [email protected] wrote:
> >On Tue, 28 May 2019 13:48:46 +0200, Jiri Pirko wrote:
> >> From: Jiri Pirko
> >>
> >> Signed-off-by: Jiri Pirko
> >> ---
> >> v1->v2:
> >> - added debugfs toggle
On Wed, 29 May 2019 17:06:49 +, Patel, Vedang wrote:
> > On May 28, 2019, at 3:45 PM, Jakub Kicinski
> > wrote:
> > On Tue, 28 May 2019 10:46:44 -0700, Vedang Patel wrote:
> >> From: Vinicius Costa Gomes
> >>
> >> This adds the UAPI
On Wed, 29 May 2019 20:05:16 +, Patel, Vedang wrote:
> [Sending the email again since the last one was rejected by netdev because it
> was html.]
>
> > On May 29, 2019, at 12:14 PM, Jakub Kicinski
> > wrote:
> >
> > On Wed, 29 May 2019 17:06:49 +, Pa
On Wed, 29 May 2019 12:49:55 +0300, [email protected] wrote:
> From: Arthur Kiyanovski
>
> This commit adds a mechanism for exposing different driver
> properties via ethtool's priv_flags.
>
> In this commit we:
>
> Add commands, structs and defines necessary for handling
> extra properties
>
any code which
would depend on the current behaviour.
Fixes: c46234ebb4d1 ("tls: RX path for ktls")
Reported-by: David Beckett
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
We probably want to hold off on stable with this one :)
---
net/ipv4/af_inet.c | 2 +-
On Thu, 30 May 2019 00:21:39 +, Patel, Vedang wrote:
> > On May 29, 2019, at 2:06 PM, Jakub Kicinski
> > wrote:
> > On Wed, 29 May 2019 20:05:16 +, Patel, Vedang wrote:
> >> [Sending the email again since the last one was rejected by netdev because
> >
On Tue, 21 May 2019 19:02:00 -0700, Jakub Kicinski wrote:
> When netdev with active kTLS sockets in unregistered
> notifier callback walks the offloaded sockets and
> cleans up offload state. RX data may still be processed,
> however, and if resync was requested prior to device
> r
This reverts commit 38030d7cb77963ba84cdbe034806e2b81245339f.
Unfortunately the RX resync may get called from soft IRQ,
so we can't take the rwsem to protect from the device
disappearing.
Signed-off-by: Jakub Kicinski
---
net/tls/tls_device.c | 15 +--
1 file changed, 5 inser
2a ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski
---
include/net/tls.h| 4
net/tls/tls_device.c | 26 +-
2 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index 39ea62f0c1f6..4a55ce6a3
Hi!
Take two of making sure we don't use a NULL netdev pointer
for RX resync. This time using a bit and an open coded
wait loop.
Posting as revert + new patch, hopefully this will make it
easier to backport to stable (unless third time is the charm,
and this one is buggy as well :().
On Fri, 31 May 2019 19:18:17 +, Saeed Mahameed wrote:
> On Fri, 2019-05-31 at 11:42 +0200, Björn Töpel wrote:
> > From: Björn Töpel
> >
> > All XDP capable drivers need to implement the XDP_QUERY_PROG{,_HW}
> > command of ndo_bpf. The query code is fairly generic. This commit
> > refactors th
On Fri, 31 May 2019 19:18:17 +, Saeed Mahameed wrote:
> > + if (!bpf_op || flags & XDP_FLAGS_SKB_MODE)
> > + mode = XDP_FLAGS_SKB_MODE;
> > +
> > + curr_mode = dev_xdp_current_mode(dev);
> > +
> > + if (!offload && curr_mode && (mode ^ curr_mode) &
> > + (XDP_FLAGS_DRV_MOD
On Fri, 31 May 2019 11:42:14 +0200, Björn Töpel wrote:
> diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> index 44b47e9df94a..f3a875a52c6c 100644
> --- a/include/linux/netdevice.h
> +++ b/include/linux/netdevice.h
> @@ -1940,6 +1940,9 @@ struct net_device {
> #endif
> str
On Fri, 31 May 2019 15:58:41 -0700, Andrii Nakryiko wrote:
> On Fri, May 31, 2019 at 2:28 PM Stanislav Fomichev wrote:
> > On 05/31, Andrii Nakryiko wrote:
> > > This patch adds support for a new way to define BPF maps. It relies on
> > > BTF to describe mandatory and optional attributes of a ma
On Mon, 3 Jun 2019 11:04:36 +0200, Björn Töpel wrote:
> On Sat, 1 Jun 2019 at 21:57, Jakub Kicinski
> wrote:
> >
> > On Fri, 31 May 2019 19:18:17 +, Saeed Mahameed wrote:
> > > > + if (!bpf_op || flags & XDP_FLAGS_SKB_MODE)
> > &
On Mon, 3 Jun 2019 17:43:18 +0300, [email protected] wrote:
> * net: ena: ethtool: add extra properties retrieval via get_priv_flags (2/11):
> * replaced snprintf with strlcpy
> * dropped confusing error message
> * added more details to the commit message
I asked you to clearly state that yo
_SW, today. Soon we will introduce
code which can only be called for offloaded contexts.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
net/tls/tls_sw.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 96
In light of recent bugs, we should make a better effort of
checking return values. In theory none of the functions should
fail today.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
net/tls/tls_device.c | 20 ++--
1 file changed, 14 insertions(+), 6 deletions
nd in turn tls_sw_fallback() not generate a
warning in that case, and quietly proceed to drop such frames.
Make the exit path from tls_sw_fallback() drop monitor friendly,
for users to be able to troubleshoot dropped retransmissions.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
Doc
ctx->prot holds the same information as per-direction contexts.
Almost all code gets TLS version from this structure, convert
the last two stragglers, this way we can improve the cache
utilization by moving the per-direction data into cold cache lines.
Signed-off-by: Jakub Kicinski
Reviewed
All callers pass prot->version as the last parameter
of tls_advance_record_sn(), yet tls_advance_record_sn()
itself needs a pointer to prot. Pass prot from callers.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
include/net/tls.h| 10 +++---
net/tls/tls_devic
tls_context for
better cache utilization.
Jakub Kicinski (8):
net/tls: fully initialize the msg wrapper skb
net/tls: check return values from skb_copy_bits() and skb_store_bits()
net/tls: remove false positive warning
net/tls: don't look for decrypted frames on non-offloaded sockets
net/tls:
tls_device_decrypted() is only called from decrypt_skb_update(),
when ctx->decrypted == false, there is no need to re-check the bit.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
net/tls/tls_device.c | 4
1 file changed, 4 deletions(-)
diff --git a/net/
ssarily re-encrypting
the message, as skb->decrypted is not set for the wrapper skb.
Try to be conservative and copy all fields of old skb
strparser's user may reasonably need.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
Reviewed-by: Simon Horman
---
include/linux/skbuf
struct tls_context is slightly badly laid out. If we reorder things
right we can save 16 bytes (320 -> 304) but also make all fast path
data fit into two cache lines (one read only and one read/write,
down from four cache lines).
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Me
On Mon, 3 Jun 2019 22:27:28 +, Woodhouse, David wrote:
> On Mon, 2019-06-03 at 14:32 -0700, Jakub Kicinski wrote:
> > On Mon, 3 Jun 2019 17:43:18 +0300, [email protected] wrote:
> > > * net: ena: ethtool: add extra properties retrieval via get_priv_flags
> > >
On Mon, 3 Jun 2019 14:54:53 -0700, Andrii Nakryiko wrote:
> On Sun, Jun 2, 2019 at 5:33 PM Jakub Kicinski wrote:
> > On Fri, 31 May 2019 15:58:41 -0700, Andrii Nakryiko wrote:
> > > On Fri, May 31, 2019 at 2:28 PM Stanislav Fomichev
> > > wrote:
> > &g
On Tue, 04 Jun 2019 07:57:48 +0100, David Woodhouse wrote:
> On Tue, 2019-06-04 at 02:15 +, Bshara, Nafea wrote:
> > On Jun 3, 2019, at 6:52 PM, Andrew Lunn wrote:
> > > > Any "SmartNIC" vendor has temptation of uAPI-level hand off to the
> > > > firmware (including my employer), we all run pr
On Tue, 4 Jun 2019 15:40:43 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Signed-off-by: Jiri Pirko
Reviewed-by: Jakub Kicinski
On Tue, 4 Jun 2019 15:40:44 +0200, Jiri Pirko wrote:
> From: Jiri Pirko
>
> Utilizes the devlink flash code.
>
> Suggested-by: Jakub Kicinski
> Signed-off-by: Jiri Pirko
Acked-by: Jakub Kicinski
All looks good too me now, thanks Jiri!
On Tue, 04 Jun 2019 11:23:57 -0700 (PDT), David Miller wrote:
> From: Jakub Kicinski
> Date: Fri, 31 May 2019 20:11:59 -0700
>
> > Take two of making sure we don't use a NULL netdev pointer
> > for RX resync. This time using a bit and an open coded
> > wait
Hi!
Take two of making sure we don't use a NULL netdev pointer
for RX resync. This time using a bit and an open coded
wait loop.
v2:
- fix build warning (DaveM).
Jakub Kicinski (2):
Revert "net/tls: avoid NULL-deref on resync during device removal"
net/tls: replace th
This reverts commit 38030d7cb77963ba84cdbe034806e2b81245339f.
Unfortunately the RX resync may get called from soft IRQ,
so we can't take the rwsem to protect from the device
disappearing.
Signed-off-by: Jakub Kicinski
---
net/tls/tls_device.c | 15 +--
1 file changed, 5 inser
2a ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski
---
include/net/tls.h| 4
net/tls/tls_device.c | 27 +--
2 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index 39ea62f0c1f6..4a55ce6a3
On Tue, 4 Jun 2019 14:35:24 -0700, Stanislav Fomichev wrote:
> Support sockopt prog type and cgroup hooks in the bpftool.
>
> Signed-off-by: Stanislav Fomichev
Acked-by: Jakub Kicinski
Currently if we need to modify the head of the skb and allocation
fails we would free the skb and not increment the error counter.
Make sure all errors are counted.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 12
Parse the mailbox TLV. When control message queue is not available
we can fall back to passing the control messages via the vNIC
mailbox.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
drivers/net/ethernet/netronome/nfp/nfp_net_ctrl.c | 4
drivers/net/ethernet
reviewable chunk.
Dirk van der Merwe (3):
net/tls: export TLS per skb encryption
nfp: tls: add datapath support for TLS TX
nfp: tls: add/delete TLS TX connections
Jakub Kicinski (10):
nfp: count all failed TX attempts as errors
nfp: make bar_lock a semaphore
nfp: parse the mailbox cmsg
ff-by: Jakub Kicinski
---
.../net/ethernet/netronome/nfp/crypto/tls.c | 6 +++-
drivers/net/ethernet/netronome/nfp/nfp_net.h | 23 --
.../ethernet/netronome/nfp/nfp_net_common.c | 31 +++
.../ethernet/netronome/nfp/nfp_net_ethtool.c | 16 --
4 files change
Parse TLV containing a bitmask of supported crypto operations.
The TLV contains a capability bitmask (supported operations)
and enabled bitmask. Each operation describes the crypto
protocol quite exhaustively (protocol, AEAD, direction).
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der
keep the hardware state intact and perform the
out of order encryption entirely on the host.
To achieve this, export the already existing software encryption
fallback path so drivers could access this.
Signed-off-by: Dirk van der Merwe
Reviewed-by: Jakub Kicinski
---
include/net/tls.h
FW may prefer to handle some communication via a mailbox
or the vNIC may simply not have a control queue (VFs).
Add a way of exchanging ccm-compatible messages via a
mailbox.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
drivers/net/ethernet/netronome/nfp/Makefile | 1
ALIGN in
TLS_OFFLOAD_CONTEXT_SIZE_RX/TX would reserve this extra space, anyway.)
With that we can add a common accessor to the core.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
include/net/tls.h | 28 ++--
1 file changed, 22 insertions(+), 6
Subsequent patches will add support for more TX metadata fields.
Prepare for this by handling an additional double word - firmware
handle as metadata type 7.
Signed-off-by: Dirk van der Merwe
Signed-off-by: Jakub Kicinski
---
.../ethernet/netronome/nfp/nfp_net_common.c | 44
still fit
into the same number of cache lines but on RX side we would be 8
bytes over.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
include/net/tls.h | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index 0a
-by: Jakub Kicinski
---
.../net/ethernet/netronome/nfp/crypto/tls.c | 300 +-
drivers/net/ethernet/netronome/nfp/nfp_net.h | 5 +-
2 files changed, 303 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/netronome/nfp/crypto/tls.c
b/drivers/net/ethernet/netronome
Add FW ABI defines and code for basic init of TLS offload.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
drivers/net/ethernet/netronome/Kconfig| 1 +
drivers/net/ethernet/netronome/nfp/Makefile | 5 +
drivers/net/ethernet/netronome/nfp/ccm.h | 4
We will need to release the bar lock from a workqueue
so move from a mutex to a semaphore. This lock should
not be too hot. Unfortunately semaphores don't have
lockdep support.
Signed-off-by: Jakub Kicinski
Reviewed-by: Dirk van der Merwe
---
drivers/net/ethernet/netronome/nfp/nfp_
van der Merwe
Signed-off-by: Jakub Kicinski
---
.../ethernet/netronome/nfp/crypto/crypto.h| 7 +++
drivers/net/ethernet/netronome/nfp/nfp_net.h | 2 +
.../ethernet/netronome/nfp/nfp_net_common.c | 56 +++
3 files changed, 65 insertions(+)
diff --git a/drivers/net/ethernet
./tools/include/linux/types.h:69:8: note: originally defined here
struct list_head {
^
Try to detect this situation, and print a helpful warning.
Signed-off-by: Jakub Kicinski
Reviewed-by: Quentin Monnet
---
This has been rotting in my tree, time to take it or leave it
On Wed, 5 Jun 2019 17:39:22 +0200, Davide Caratti wrote:
> currently, only getsockopt(TCP_ULP) can be invoked to know if a ULP is on
> top of a TCP socket. Extend idiag_get_aux() and idiag_get_aux_size(),
> introduced by commit b37e88407c1d ("inet_diag: allow protocols to provide
> additional data
On Wed, 5 Jun 2019 17:39:23 +0200, Davide Caratti wrote:
> When an application configures kernel TLS on top of a TCP socket, it's
> now possible for inet_diag_handler to collect information regarding the
> protocol version and the cipher, in case INET_DIAG_INFO is requested.
>
> Signed-off-by: Da
./tools/include/linux/types.h:69:8: note: originally defined here
struct list_head {
^
Try to detect this situation, and print a helpful warning.
v2: just use HOSTCC (Jiong).
Signed-off-by: Jakub Kicinski
Reviewed-by: Quentin Monnet
---
samples/bpf/Makefile | 9 ++
Hi Samih!
Please don't top post on Linux kernel mailing lists.
On Thu, 6 Jun 2019 10:23:40 +, Jubran, Samih wrote:
> As of today there are no flags exposed by ENA NIC device, however, we
> are planning to use them in the near future. We want to provide
> customers with extra methods to identi
On Thu, 6 Jun 2019 21:40:19 +, Bshara, Nafea wrote:
> On 6/6/19, 10:16 AM, "Jakub Kicinski" wrote:
>
> Hi Samih!
>
> Please don't top post on Linux kernel mailing lists.
>
> On Thu, 6 Jun 2019 10:23:40 +, Jubran, Samih wrote:
&g
On Thu, 6 Jun 2019 22:57:21 +, Bshara, Nafea wrote:
> > Having said that, it's entirely unclear to me what the user scenario is
> > here. You say "which two devices related", yet you only have one bit,
> > so it can indicate that there is another device, not _which_ device is
> > related. Inf
On Thu, 6 Jun 2019 10:50:56 -0700, Vedang Patel wrote:
> Currently, we are seeing non-critical packets being transmitted outside of
> their timeslice. We can confirm that the packets are being dequeued at the
> right time. So, the delay is induced in the hardware side. The most likely
> reason is
On Thu, 6 Jun 2019 23:21:25 +, Bshara, Nafea wrote:
> > On Jun 6, 2019, at 4:08 PM, Jakub Kicinski
> > wrote:
> > On Thu, 6 Jun 2019 22:57:21 +, Bshara, Nafea wrote:
> >>> Having said that, it's entirely unclear to me what the user scenario is
>
On Thu, 6 Jun 2019 23:27:36 +, Alexei Starovoitov wrote:
> On 6/6/19 4:02 PM, Andrii Nakryiko wrote:
> >> struct {
> >> int type;
> >> int max_entries;
> >> } my_map __attribute__((map(int,struct my_value))) = {
> >> .type = BPF_MAP_TYPE_ARRAY,
> >> .max_entr
1 - 100 of 8661 matches
Mail list logo
