AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2024-12-28 11:18:45 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
e8f6979981
linux_dsm_epyc7002/include/net
History
Ilya Lesokhin e8f6979981 net/tls: Add generic NIC offload infrastructure 
This patch adds a generic infrastructure to offload TLS crypto to a
network device. It enables the kernel TLS socket to skip encryption
and authentication operations on the transmit side of the data path.
Leaving those computationally expensive operations to the NIC.

The NIC offload infrastructure builds TLS records and pushes them to
the TCP layer just like the SW KTLS implementation and using the same
API.
TCP segmentation is mostly unaffected. Currently the only exception is
that we prevent mixed SKBs where only part of the payload requires
offload. In the future we are likely to add a similar restriction
following a change cipher spec record.

The notable differences between SW KTLS and NIC offloaded TLS
implementations are as follows:
1. The offloaded implementation builds "plaintext TLS record", those
records contain plaintext instead of ciphertext and place holder bytes
instead of authentication tags.
2. The offloaded implementation maintains a mapping from TCP sequence
number to TLS records. Thus given a TCP SKB sent from a NIC offloaded
TLS socket, we can use the tls NIC offload infrastructure to obtain
enough context to encrypt the payload of the SKB.
A TLS record is released when the last byte of the record is ack'ed,
this is done through the new icsk_clean_acked callback.

The infrastructure should be extendable to support various NIC offload
implementations.  However it is currently written with the
implementation below in mind:
The NIC assumes that packets from each offloaded stream are sent as
plaintext and in-order. It keeps track of the TLS records in the TCP
stream. When a packet marked for offload is transmitted, the NIC
encrypts the payload in-place and puts authentication tags in the
relevant place holders.

The responsibility for handling out-of-order packets (i.e. TCP
retransmission, qdisc drops) falls on the netdev driver.

The netdev driver keeps track of the expected TCP SN from the NIC's
perspective.  If the next packet to transmit matches the expected TCP
SN, the driver advances the expected TCP SN, and transmits the packet
with TLS offload indication.

If the next packet to transmit does not match the expected TCP SN. The
driver calls the TLS layer to obtain the TLS record that includes the
TCP of the packet for transmission. Using this TLS record, the driver
posts a work entry on the transmit queue to reconstruct the NIC TLS
state required for the offload of the out-of-order packet. It updates
the expected TCP SN accordingly and transmits the now in-order packet.
The same queue is used for packet transmission and TLS context
reconstruction to avoid the need for flushing the transmit queue before
issuing the context reconstruction request.

Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com>
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-05-01 09:42:47 -04:00
..
9p 9p: Implement show_options 2017-07-11 06:08:58 -04:00
bluetooth Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth 2018-04-08 17:19:15 -04:00
caif caif: reduce stack size with KASAN 2018-01-19 14:02:12 -05:00
iucv net: annotate ->poll() instances 2017-11-27 16:20:04 -05:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-04-01 19:49:34 -04:00
netns ipv6: sr: Compute flowlabel for outer IPv6 header of seg6 encap mode 2018-04-25 13:02:15 -04:00
nfc
phonet net: phonet: mark phonet_protocol as const 2017-10-07 23:15:08 +01:00
sctp sctp: remove sctp_transport_pmtu_check 2018-04-27 14:35:23 -04:00
tc_act net/sched: act_csum: don't use spinlock in the fast path 2018-01-23 19:51:46 -05:00
6lowpan.h
act_api.h net/sched: remove tcf_idr_cleanup() 2018-03-23 21:52:19 -04:00
addrconf.h ipv6: Count interface receive statistics on the ingress netdev 2018-04-17 13:39:51 -04:00
af_ieee802154.h
af_rxrpc.h rxrpc, afs: Use debug_ids rather than pointers in traces 2018-03-27 23:03:00 +01:00
af_unix.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
af_vsock.h VSOCK: use TCP state constants for sk_state 2017-10-05 18:44:17 -07:00
ah.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
arp.h ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY 2018-01-15 14:53:43 -05:00
atmclip.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ax25.h net: Make ax25_ptr depend on CONFIG_AX25 2018-02-14 11:55:33 -05:00
ax88796.h net-next: ax88796: add interrupt status callback to platform data 2018-04-19 16:11:11 -04:00
bond_3ad.h
bond_alb.h
bond_options.h bonding: Prevent duplicate userspace notification 2017-05-27 18:51:41 -04:00
bonding.h bonding: remove rtmsg_ifinfo called after bond_lower_state_changed 2017-10-25 10:54:39 +09:00
busy_poll.h net: fix compilation when busy poll is not enabled 2017-08-11 14:59:24 -07:00
calipso.h net, calipso: convert calipso_doi.refcount from atomic_t to refcount_t 2017-07-04 22:35:16 +01:00
cfg80211-wext.h
cfg80211.h nl80211: Add control_port_over_nl80211 to mesh_setup 2018-03-29 14:01:27 +02:00
cfg802154.h
checksum.h
cipso_ipv4.h net, ipv4: convert cipso_v4_doi.refcount from atomic_t to refcount_t 2017-07-04 01:29:04 -07:00
cls_cgroup.h
codel_impl.h
codel_qdisc.h
codel.h
compat.h net: remove compat_sys_*() prototypes from net/compat.h 2018-04-02 20:16:17 +02:00
datalink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dcbevent.h
dcbnl.h
devlink.h devlink: convert occ_get op to separate registration 2018-04-08 12:45:57 -04:00
dn_dev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_fib.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_neigh.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dn_nsp.h net/decnet: Convert timers to use timer_setup() 2017-10-18 12:39:36 +01:00
dn_route.h decnet: Move dn_next into decnet route structure. 2017-11-30 09:54:25 -05:00
dn.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
dsa.h net: dsa: Allow providing PHY statistics from CPU port 2018-04-27 11:53:03 -04:00
dsfield.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dst_cache.h net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency 2018-03-05 12:52:45 -05:00
dst_metadata.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
dst_ops.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dst.h net: core: dst: Add kernel-doc for 'net' parameter 2018-03-05 12:52:45 -05:00
erspan.h net: erspan: fix metadata extraction 2018-02-06 11:32:48 -05:00
esp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ethoc.h inet: whitespace cleanup 2018-02-28 11:43:28 -05:00
fib_notifier.h net: Add extack to fib_notifier_info 2017-11-01 11:50:43 +09:00
fib_rules.h net: fib_rules: add extack support 2018-04-23 10:21:24 -04:00
firewire.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
flow_dissector.h tipc: improve link resiliency when rps is activated 2017-11-11 15:36:05 +09:00
flow.h net: Remove unused get_hash_from_flow functions 2018-03-04 13:04:23 -05:00
fou.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fq_impl.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-30 21:09:24 +09:00
fq.h fq: support filtering a given tin 2017-10-11 09:49:34 +02:00
garp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gen_stats.h net: sched: add support for TCQ_F_NOLOCK subqueues to sch_mq 2017-12-08 13:32:26 -05:00
genetlink.h genetlink: fix genlmsg_nlhdr() 2017-11-16 10:49:00 +09:00
geneve.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gre.h net: GRE: Add is_gretap_dev, is_ip6gretap_dev 2018-02-27 14:46:26 -05:00
gro_cells.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gtp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gue.h fou: fix some member types in guehdr 2017-12-11 14:10:06 -05:00
hwbm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
icmp.h
ieee80211_radiotap.h mac80211: support reporting A-MPDU EOF bit value/known 2018-02-22 21:13:02 +01:00
ieee802154_netdev.h
if_inet6.h net/ipv6: Remove aca_idev 2018-04-19 15:40:13 -04:00
ife.h net: sched: ife: handle malformed tlv length 2018-04-22 21:12:00 -04:00
ila.h
inet6_connection_sock.h
inet6_hashtables.h net: ipv6: add second dif to inet6 socket lookups 2017-08-07 11:39:22 -07:00
inet_common.h net: Introduce __inet_bind() and __inet6_bind 2018-03-31 02:15:43 +02:00
inet_connection_sock.h tcp: Add clean acked data hook 2018-05-01 09:42:46 -04:00
inet_ecn.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
inet_frag.h inet: frags: reorganize struct netns_frags 2018-03-31 23:25:39 -04:00
inet_hashtables.h inet: Add a 2nd listener hashtable (port+addr) 2017-12-03 10:18:28 -05:00
inet_sock.h udp: generate gso with UDP_SEGMENT 2018-04-26 15:08:04 -04:00
inet_timewait_sock.h soreuseport: initialise timewait reuseport field 2018-04-07 22:32:32 -04:00
inetpeer.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip6_checksum.h
ip6_fib.h net/ipv6: Make from in rt6_info rcu protected 2018-04-21 16:06:14 -04:00
ip6_route.h net/ipv6: Remove compare of fib6_idev from rt6_duplicate_nexthop 2018-04-19 15:40:13 -04:00
ip6_tunnel.h ip6_gre: add erspan v2 support 2017-12-15 12:34:00 -05:00
ip_fib.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-03-23 11:31:58 -04:00
ip_tunnels.h vxlan: add ttl inherit support 2018-04-17 13:53:13 -04:00
ip_vs.h netfilter: ipvs: Remove useless ipvsh param of frag_safe_skb_hp 2018-01-08 18:01:02 +01:00
ip.h udp: generate gso with UDP_SEGMENT 2018-04-26 15:08:04 -04:00
ipcomp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipconfig.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipv6.h udp: generate gso with UDP_SEGMENT 2018-04-26 15:08:04 -04:00
ipx.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iw_handler.h net: Spelling s/stucture/structure/ 2018-03-27 09:51:23 +02:00
kcm.h
l3mdev.h
lapb.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
lib80211.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
llc_c_ac.h net: LLC: Convert timers to use timer_setup() 2017-10-25 12:06:25 +09:00
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: delete timers synchronously in llc_sk_free() 2018-04-22 14:55:03 -04:00
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h net, llc: convert llc_sap.refcnt from atomic_t to refcount_t 2017-07-04 22:35:15 +01:00
lwtunnel.h net: Move ipv4 set_lwt_redirect helper to lwtunnel 2018-02-14 14:43:32 -05:00
mac80211.h We have a fair number of patches, but many of them are from the 2018-03-29 16:23:26 -04:00
mac802154.h
mip6.h
mld.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mpls_iptunnel.h
mpls.h
mrp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ncsi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ndisc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
neighbour.h neighbour: support for NTF_EXT_LEARNED flag 2018-04-25 13:19:59 -04:00
net_namespace.h net: Introduce net_rwsem to protect net_namespace_list 2018-03-29 13:47:53 -04:00
net_ratelimit.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netevent.h net/ipv6: Add support for path selection using hash of 5-tuple 2018-03-04 13:04:23 -05:00
netlabel.h net: convert netlbl_lsm_cache.refcount from atomic_t to refcount_t 2017-07-01 07:39:09 -07:00
netlink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netprio_cgroup.h
netrom.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nexthop.h net: fix rtnh_ok() 2018-04-07 22:32:31 -04:00
nl802154.h
nsh.h openvswitch: enable NSH support 2017-11-08 16:12:33 +09:00
p8022.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
page_pool.h xdp: allow page_pool as an allocator type in xdp_return_frame 2018-04-17 10:50:29 -04:00
ping.h
pkt_cls.h net: sch: prio: Add offload ability for grafting a child 2018-02-28 12:06:01 -05:00
pkt_sched.h net: remove prototype of qdisc_lookup_class() 2018-01-16 14:56:54 -05:00
pptp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
protocol.h IPv4: early demux can return an error code 2017-10-01 03:55:47 +01:00
psample.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
psnap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
raw.h net: ipv4: add second dif to raw socket lookups 2017-08-07 11:39:21 -07:00
rawv6.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
red.h net_sched: red: Avoid illegal values 2017-12-05 14:37:13 -05:00
regulatory.h cfg80211: read wmm rules from regulatory database 2018-03-29 11:11:40 +02:00
request_sock.h tcp: socket option to set TCP fast open key 2017-10-20 13:21:36 +01:00
rose.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
route.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-03-23 11:31:58 -04:00
rsi_91x.h Bluetooth: btrsi: add new rsi bluetooth driver 2018-03-13 18:37:02 +02:00
rtnetlink.h rtnetlink: remove __rtnl_register 2017-12-04 11:32:53 -05:00
sch_generic.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-04-01 19:49:34 -04:00
scm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
secure_seq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
seg6_hmac.h
seg6.h ipv6: sr: add support for ip4ip6 encapsulation 2017-08-25 17:10:23 -07:00
slhc_vj.h slip: Check if rstate is initialized before uncompressing 2018-04-11 10:33:46 -04:00
smc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
snmp.h
sock_reuseport.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sock.h net: Add Software fallback infrastructure for socket dependent offloads 2018-05-01 09:42:46 -04:00
Space.h net/mac89x0: Convert to platform_driver 2018-03-01 21:21:36 -05:00
stp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
strparser.h strparser: Use delayed work instead of timer for msg timeout 2017-10-25 10:37:11 +09:00
switchdev.h net: bridge: Add/del switchdev object on host join/leave 2017-11-10 13:41:40 +09:00
tcp_states.h tcp: remove the hardcode in the definition of TCPF Macro 2018-02-21 15:06:05 -05:00
tcp.h tcp: Add clean acked data hook 2018-05-01 09:42:46 -04:00
timewait_sock.h
tipc.h tipc: improve link resiliency when rps is activated 2017-11-11 15:36:05 +09:00
tls.h net/tls: Add generic NIC offload infrastructure 2018-05-01 09:42:47 -04:00
transp_v6.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tso.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tun_proto.h vxlan: factor out VXLAN-GPE next protocol 2017-08-29 15:16:52 -07:00
udp_tunnel.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
udp.h udp: add gso segment cmsg 2018-04-26 15:08:51 -04:00
udplite.h udplite: fix partial checksum initialization 2018-02-16 15:57:42 -05:00
vsock_addr.h
vxlan.h vxlan: add ttl inherit support 2018-04-17 13:53:13 -04:00
wext.h lift handling of SIOCIW... out of dev_ioctl() 2018-01-24 19:13:45 -05:00
wimax.h
x25.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
x25device.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xdp.h xdp: transition into using xdp_frame for return API 2018-04-17 10:50:29 -04:00
xfrm.h xfrm: Register xfrm_dev_notifier in appropriate place 2018-03-30 10:59:23 -04:00