[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
|
|
Subscribe / Log in / New account

tls: Add generic NIC offload infrastructure

From:  Ilya Lesokhin <ilyal-AT-mellanox.com>
To:  netdev-AT-vger.kernel.org, davem-AT-davemloft.net
Subject:  [PATCH v2 net-next 00/12] tls: Add generic NIC offload infrastructure
Date:  Wed, 8 Nov 2017 15:38:25 +0200
Message-ID:  <1510148317-84661-1-git-send-email-ilyal@mellanox.com>
Cc:  davejwatson-AT-fb.com, tom-AT-herbertland.com, hannes-AT-stressinduktion.org, aviadye-AT-mellanox.com, liranl-AT-mellanox.com, Ilya Lesokhin <ilyal-AT-mellanox.com>

Changes from v1:
- Remove the binding of the socket to a specific netdev 
  through sk->sk_bound_dev_if.
  Add a check in validate_xmit_skb to detect route changes
  and call SW fallback code to do the crypto in software.
- tls_get_record now returns the tls record sequence number.
  This is required to support connections with rcd_sn != iv.
- Bug fixes to the TLS code.

This patchset adds a generic infrastructure to offload TLS crypto to a
network devices.

Patches 1-6 refactor and fix various issues in the TLS code
Patches 7-8 Export functions that we need
patch 9 adds infrastructue for offloaded socket fallback
patches 10-11 add new NDOs and capabilities.
patch 12 adds the TLS NIC offload infrastructure.

Github with mlx5e TLS offload support:
https://github.com/Mellanox/tls-offload/tree/tls_device_v2

Paper: https://www.netdevconf.org/1.2/papers/netdevconf-TLS.pdf

Ilya Lesokhin (12):
  tls: Use kzalloc for aead_request allocation
  tls: Add function to update the TLS socket configuration
  tls: Fix TLS ulp context leak, when TLS_TX setsockopt is not used.
  tls: Move tls_make_aad to header to allow sharing
  tls: Avoid copying crypto_info again after cipher_type check.
  tls: don't override sk_write_space if tls_set_sw_offload fails.
  tcp: Add clean acked data hook
  net: Rename and export copy_skb_header
  net: Add SW fallback infrastructure for offloaded sockets
  net: Add TLS offload netdev ops
  net: Add TLS TX offload features
  tls: Add generic NIC offload infrastructure.

 include/linux/netdev_features.h    |   2 +
 include/linux/netdevice.h          |  21 ++
 include/linux/skbuff.h             |   1 +
 include/net/inet_connection_sock.h |   2 +
 include/net/sock.h                 |  17 +
 include/net/tls.h                  |  74 +++-
 net/core/dev.c                     |   4 +
 net/core/ethtool.c                 |   1 +
 net/core/skbuff.c                  |   9 +-
 net/ipv4/tcp_input.c               |   3 +
 net/tls/Kconfig                    |   9 +
 net/tls/Makefile                   |   3 +
 net/tls/tls_device.c               | 692 +++++++++++++++++++++++++++++++++++++
 net/tls/tls_device_fallback.c      | 382 ++++++++++++++++++++
 net/tls/tls_main.c                 | 122 ++++---
 net/tls/tls_sw.c                   |  24 +-
 16 files changed, 1297 insertions(+), 69 deletions(-)
 create mode 100644 net/tls/tls_device.c
 create mode 100644 net/tls/tls_device_fallback.c

-- 
1.8.3.1

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds