summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-07-16samples/bpf: test_cgrp2_sock2: fix an off by oneDan Carpenter
"prog_cnt" is the number of elements which are filled out in prog_fd[] so the test should be >= instead of >. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Reviewed-by: David Ahern <dsahern@gmail.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2018-07-16samples: bpf: ensure that we don't load over MAX_PROGS programsDan Carpenter
I can't see that we check prog_cnt to ensure it doesn't go over MAX_PROGS. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2018-07-16sch_cake: Fix tin order when set through skb->priorityToke Høiland-Jørgensen
In diffserv mode, CAKE stores tins in a different order internally than the logical order exposed to userspace. The order remapping was missing in the handling of 'tc filter' priority mappings through skb->priority, resulting in bulk and best effort mappings being reversed relative to how they are displayed. Fix this by adding the missing mapping when reading skb->priority. Fixes: 83f8fd69af4f ("sch_cake: Add DiffServ handling") Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16cxgb4: collect ASIC LA dumps from ULP TXSurendra Mobiya
Signed-off-by: Surendra Mobiya <surendra@chelsio.com> Signed-off-by: Rahul Lakkireddy <rahul.lakkireddy@chelsio.com> Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16mlxsw: spectrum: Expose counters for various packet sizesJiri Pirko
Expose counters ASIC has in the group of RFC 2819 counters that count number of packets within specific size range. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16liquidio: fix hang when re-binding VF host drv after running DPDK VF driverRick Farrington
When configuring SLI_PKTn_OUTPUT_CONTROL, VF driver was assuming that IPTR mode was disabled by reset, which was not true. Since DPDK driver had set IPTR mode previously, the VF driver (which uses buf-ptr-only mode) was not properly handling DROQ packets (i.e. it saw zero-length packets). This represented an invalid hardware configuration which the driver could not handle. Signed-off-by: Rick Farrington <ricardo.farrington@cavium.com> Signed-off-by: Felix Manlunas <felix.manlunas@cavium.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: cavium: Drop dependency of NET_VENDOR_CAVIUM on PCIAlexander Sverdlin
Octeon Ethernet drivers work perfectly without PCI. Signed-off-by: Alexander Sverdlin <alexander.sverdlin@nokia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: mscc: simplify retrieving the tag type from the frame headerAntoine Tenart
The tag type in the frame extraction header is only a bit wide. There's no need to use GENMASK when retrieving the information. This patch simplify the code by dropping GENMASK and using BIT instead. Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com> Reviewed-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16cxgb4: do not return DUPLEX_UNKNOWN when link is downGanesh Goudar
We were returning DUPLEX_UNKNOWN in get_link_ksettings() when the link was down. Unfortunately, this causes a problem when "ethtool -s autoneg on" is issued for a link which is down because the ethtool code first reads the settings and then reapplies them with only the changes provided on the command line. Which results in us diving into set_link_ksettings() with DUPLEX_UNKNOWN which is not DUPLEX_FULL, so set_link_ksettings() throws an -EINVAL error. do not return DUPLEX_UNKNOWN to fix the issue. Signed-off-by: Casey Leedom <leedom@chelsio.com> Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: convert gro_count to bitmaskLi RongQing
gro_hash size is 192 bytes, and uses 3 cache lines, if there is few flows, gro_hash may be not fully used, so it is unnecessary to iterate all gro_hash in napi_gro_flush(), to occupy unnecessary cacheline. convert gro_count to a bitmask, and rename it as gro_bitmask, each bit represents a element of gro_hash, only flush a gro_hash element if the related bit is set, to speed up napi_gro_flush(). and update gro_bitmask only if it will be changed, to reduce cache update Suggested-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Li RongQing <lirongqing@baidu.com> Cc: Stefano Brivio <sbrivio@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16bnxt_en: remove redundant debug register dma mem allocationYueHaibing
hwrm_dbg_resp_addr and hwrm_dbg_resp_dma_addr are never used and can be removed. Signed-off-by: YueHaibing <yuehaibing@huawei.com> Acked-by: Michael Chan <michael.chan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16liquidio: Use %pad printk format for dma_addr_t valuesHelge Deller
Use the existing %pad printk format to print dma_addr_t values. This avoids the following warnings when compiling on the parisc platform: warning: format '%llx' expects argument of type 'long long unsigned int', but argument 2 has type 'dma_addr_t {aka unsigned int}' [-Wformat=] Signed-off-by: Helge Deller <deller@gmx.de> Acked-by: Felix Manlunas <felix.manlunas@cavium.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: phy: realtek: add missing entry for RTL8211C to mdio_device_id tableHeiner Kallweit
Add missing entry for RTL8211C to mdio_device_id table. Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com> Fixes: cf87915cb9f8 ("net: phy: realtek: add support for RTL8211C") Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: usb: hso: use swap macro in hso_kick_transmitGustavo A. R. Silva
Make use of the swap macro and remove unnecessary variable *temp*. This makes the code easier to read and maintain. Also, slightly refactor some code due to the removal of *temp*. This code was detected with the help of Coccinelle. Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16Merge branch 'phy-helpers'David S. Miller
Heiner Kallweit says: ==================== net: phy: add functionality to speed down PHY when waiting for WoL packet Some network drivers include functionality to speed down the PHY when suspending and just waiting for a WoL packet because this saves energy. This patch is based on our recent discussion about factoring out this functionality to phylib. First user will be the r8169 driver. v2: - add warning comment to phy_speed_down regarding usage of sync = false - remove sync parameter from phy_speed_up ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: phy: add phy_speed_down and phy_speed_upHeiner Kallweit
Some network drivers include functionality to speed down the PHY when suspending and just waiting for a WoL packet because this saves energy. This functionality is quite generic, therefore let's factor it out to phylib. Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: phy: add helper phy_config_anegHeiner Kallweit
This functionality will also be needed in subsequent patches of this series, therefore factor it out to a helper. Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Reviewed-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16selftests: tls: add selftests for TLS socketsDave Watson
Add selftests for tls socket. Tests various iov and message options, poll blocking and nonblocking behavior, partial message sends / receives, and control message data. Tests should pass regardless of if TLS is enabled in the kernel or not, and print a warning message if not. Signed-off-by: Dave Watson <davejwatson@fb.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16Merge branch 'docs-Fix-failover-build-warnings'David S. Miller
Tobin C. Harding says: ==================== docs: Fix failover build warnings This is my first patch set to net-next. Please shout loud and clear if I've botched anything. Recently failover and net_failover modules were added to the mainline. Documentation was included in rst format but they were not added to the toctree in `networking/index.rst`. Also building docs for net_failover is currently emitting a few warnings. Patch 1 adds failover and net_failover to the index toctree Patch 2 fixes the build warnings for net_failover I haven't been super active on netdev list so if there is some reason I missed why these files are not in the index please do say so. Has there been any discussion on preferred order for the toctree index list? I just added them to the bottom of the list. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16docs: networking: Fix failover build warningsTobin C. Harding
Currently building the net_failover docs causes a bunch of warnings to be emitted. These warnings are all related to indentation and correctly highlight missing '::' (for code sections). It looks, from other rst files in Documentation, that the first column should be indented 2 spaces. Add '::' before code snippets and indent all snippets uniformly starting with 2 spaces. Cc: Jonathan Corbet <corbet@lwn.net> Signed-off-by: Tobin C. Harding <me@tobin.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16docs: networking: Add failover docs to indexTobin C. Harding
Currently we have rst format docs for the failover and net_failover modules however these docs are not linked to within the index. Add `failover` and `net_failover` to the networking documentation index. Signed-off-by: Tobin C. Harding <me@tobin.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16Merge branch 'hns3-next'David S. Miller
Salil Mehta says: ==================== Bug fixes and some minor changes to HNS3 driver This patch-set presents some fixes and minor changes to the HNS3 Ethernet Driver. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Fix comments for hclge_get_ring_chain_from_mbxFuyun Liang
Actually, hclge_get_ring_chain_from_mbx is used to get ring type, tqp id, and int_gl index from mailbox message. So the comments is incorrect. This patch fixes it. Fixes: dde1a86e93ca ("net: hns3: Add mailbox support to PF driver") Signed-off-by: Fuyun Liang <liangfuyun1@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Fix for using wrong mask and shift in hclge_get_ring_chain_from_mbxFuyun Liang
HCLGE_INT_GL_IDX_M and HCLGE_INT_GL_IDX_S are used to set fireware cmd. When getting int_gl value from mailbox message, we should use HNAE3_RING_GL_IDX_M and HNAE3_RING_GL_IDX_S. Fixes: 79eee4108541 ("net: hns3: add int_gl_idx setup for VF") Signed-off-by: Fuyun Liang <liangfuyun1@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Fix for reset_level default assignment probelmYunsheng Lin
handle->reset_level is assigned to HNAE3_NONE_RESET when client is initialized, if a tx timeout happens right after initialization, then handle->reset_level is not resetted to HNAE3_FUNC_RESET in hclge_reset_event, which will cause reset event not properly handled problem. This patch fixes it by setting handle->reset_level properly when client is initialized. Fixes: 6d4c3981a8d8 ("net: hns3: Changes to make enet watchdog timeout func common for PF/VF") Signed-off-by: Yunsheng Lin <linyunsheng@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: remove unnecessary ring configuration operation while resettingHuazhong Tan
The configuration of the ring will be used to reinitialize the ring after the hardware reset is completed. So we should not release and reacquire this configuration during reset. Fixes: bb6b94a896d4 ("net: hns3: Add reset interface implementation in client") Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Fix return value error in hns3_reset_notify_down_enetHuazhong Tan
When doing reset, netdev has not been brought up is not an error, it means that we do not need do the stop operation, so just return zero. Fixes: 76ad4f0ee747 ("net: hns3: Add support of HNS3 Ethernet Driver for hip08 SoC") Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Correct reset event status registerHuazhong Tan
According to hardware's description, driver should get reset event from VECTOR0_PF_OTHER_INT_ST(0x20800) instead of VECTOR0_PF_OTHER_INT_SRC(0x20700). Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Prevent to request reset frequentlyHuazhong Tan
Netdevice reset should not be requested frequently, a new one must wait a moment since there may be some work not completed. Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Reset net device with rtnl_lockHuazhong Tan
Since current locking was not covering certain code where netdev was being accessed or manipulated, this patch fixes it. Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: hns3: Modify the order of initializing command queue registerHuazhong Tan
According to hardware's description, the head pointer register should be written before the tail pointer register while doing command queue initialization. Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Peng Li <lipeng321@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16Merge branch 'TLS-offload-rx-netdev-and-mlx5'David S. Miller
Boris Pismenny says: ==================== TLS offload rx, netdev & mlx5 The following series provides TLS RX inline crypto offload. v5->v4: - Remove the Kconfig to mutually exclude both IPsec and TLS v4->v3: - Remove the iov revert for zero copy send flow v2->v3: - Fix typo - Adjust cover letter - Fix bug in zero copy flows - Use network byte order for the record number in resync - Adjust the sequence provided in resync v1->v2: - Fix bisectability problems due to variable name changes - Fix potential uninitialized return value This series completes the generic infrastructure to offload TLS crypto to a network devices. It enables the kernel TLS socket to skip decryption and authentication operations for SKBs marked as decrypted on the receive side of the data path. Leaving those computationally expensive operations to the NIC. This infrastructure doesn't require a TCP offload engine. Instead, the NIC decrypts a packet's payload if the packet contains the expected TCP sequence number. The TLS record authentication tag remains unmodified regardless of decryption. If the packet is decrypted successfully and it contains an authentication tag, then the authentication check has passed. Otherwise, if the authentication fails, then the packet is provided unmodified and the KTLS layer is responsible for handling it. Out-Of-Order TCP packets are provided unmodified. As a result, in the slow path some of the SKBs are decrypted while others remain as ciphertext. The GRO and TCP layers must not coalesce decrypted and non-decrypted SKBs. At the worst case a received TLS record consists of both plaintext and ciphertext packets. These partially decrypted records must be reencrypted, only to be decrypted. The notable differences between SW KTLS and NIC offloaded TLS implementations are as follows: 1. Partial decryption - Software must handle the case of a TLS record that was only partially decrypted by HW. This can happen due to packet reordering. 2. Resynchronization - tls_read_size calls the device driver to resynchronize HW whenever it lost track of the TLS record framing in the TCP stream. The infrastructure should be extendable to support various NIC offload implementations. However it is currently written with the implementation below in mind: The NIC identifies packets that should be offloaded according to the 5-tuple and the TCP sequence number. If these match and the packet is decrypted and authenticated successfully, then a syndrome is provided to software. Otherwise, the packet is unmodified. Decrypted and non-decrypted packets aren't coalesced by the network stack, and the KTLS layer decrypts and authenticates partially decrypted records. The NIC provides an indication whenever a resync is required. The resync operation is triggered by the KTLS layer while parsing TLS record headers. Finally, we measure the performance obtained by running single stream iperf with two Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz machines connected back-to-back with Innova TLS (40Gbps) NICs. We compare TCP (upper bound) and KTLS-Offload running both in Tx and Rx. The results show that the performance of offload is comparable to TCP. | Bandwidth (Gbps) | CPU Tx (%) | CPU rx (%) TCP | 28.8 | 5 | 12 KTLS-Offload-Tx-Rx | 28.6 | 7 | 14 Paper: https://netdevconf.org/2.2/papers/pismenny-tlscrypto-talk.pdf ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5e: IPsec, fix byte count in CQEBoris Pismenny
This patch fixes the byte count indication in CQE for processed IPsec packets that contain a metadata header. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5: Accel, add common metadata functionsBoris Pismenny
This patch adds common functions to handle mellanox metadata headers. These functions are used by IPsec and TLS to process FPGA metadata. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5e: TLS, build TLS netdev from capabilitiesBoris Pismenny
This patch enables TLS Rx based on available HW capabilities. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5e: TLS, add software statisticsBoris Pismenny
This patch adds software statistics for TLS to count important events. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5e: TLS, add Innova TLS rx data pathBoris Pismenny
Implement the TLS rx offload data path according to the requirements of the TLS generic NIC offload infrastructure. Special metadata ethertype is used to pass information to the hardware. When hardware loses synchronization a special resync request metadata message is used to request resync. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5e: TLS, add innova rx supportBoris Pismenny
Add the mlx5 implementation of the TLS Rx routines to add/del TLS contexts, also add the tls_dev_resync_rx routine to work with the TLS inline Rx crypto offload infrastructure. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5: Accel, add TLS rx offload routinesBoris Pismenny
In Innova TLS, TLS contexts are added or deleted via a command message over the SBU connection. The HW then sends a response message over the same connection. Complete the implementation for Innova TLS (FPGA-based) hardware by adding support for rx inline crypto offload. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net/mlx5e: TLS, refactor variable namesBoris Pismenny
For symmetry, we rename mlx5e_tls_offload_context to mlx5e_tls_offload_context_tx before we add mlx5e_tls_offload_context_rx. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Reviewed-by: Aviad Yehezkel <aviadye@mellanox.com> Reviewed-by: Tariq Toukan <tariqt@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tls: Fix zerocopy_from_iter iov handlingBoris Pismenny
zerocopy_from_iter iterates over the message, but it doesn't revert the updates made by the iov iteration. This patch fixes it. Now, the iov can be used after calling zerocopy_from_iter. Fixes: 3c4d75591 ("tls: kernel TLS support") Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tls: Add rx inline crypto offloadBoris Pismenny
This patch completes the generic infrastructure to offload TLS crypto to a network device. It enables the kernel to skip decryption and authentication of some skbs marked as decrypted by the NIC. In the fast path, all packets received are decrypted by the NIC and the performance is comparable to plain TCP. This infrastructure doesn't require a TCP offload engine. Instead, the NIC only decrypts packets that contain the expected TCP sequence number. Out-Of-Order TCP packets are provided unmodified. As a result, at the worst case a received TLS record consists of both plaintext and ciphertext packets. These partially decrypted records must be reencrypted, only to be decrypted. The notable differences between SW KTLS Rx and this offload are as follows: 1. Partial decryption - Software must handle the case of a TLS record that was only partially decrypted by HW. This can happen due to packet reordering. 2. Resynchronization - tls_read_size calls the device driver to resynchronize HW after HW lost track of TLS record framing in the TCP stream. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tls: Fill software context without allocationBoris Pismenny
This patch allows tls_set_sw_offload to fill the context in case it was already allocated previously. We will use it in TLS_DEVICE to fill the RX software context. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tls: Split tls_sw_release_resources_rxBoris Pismenny
This patch splits tls_sw_release_resources_rx into two functions one which releases all inner software tls structures and another that also frees the containing structure. In TLS_DEVICE we will need to release the software structures without freeeing the containing structure, which contains other information. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tls: Split decrypt_skb to two functionsBoris Pismenny
Previously, decrypt_skb also updated the TLS context. Now, decrypt_skb only decrypts the payload using the current context, while decrypt_skb_update also updates the state. Later, in the tls_device Rx flow, we will use decrypt_skb directly. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tls: Refactor tls_offload variable namesBoris Pismenny
For symmetry, we rename tls_offload_context to tls_offload_context_tx before we add tls_offload_context_rx. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16tcp: Don't coalesce decrypted and encrypted SKBsBoris Pismenny
Prevent coalescing of decrypted and encrypted SKBs in GRO and TCP layer. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: Add TLS rx resync NDOBoris Pismenny
Add new netdev tls op for resynchronizing HW tls context Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: Add TLS RX offload featureIlya Lesokhin
This patch adds a netdev feature to configure TLS RX inline crypto offload. Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com> Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-16net: Add decrypted field to skbBoris Pismenny
The decrypted bit is propogated to cloned/copied skbs. This will be used later by the inline crypto receive side offload of tls. Signed-off-by: Boris Pismenny <borisp@mellanox.com> Signed-off-by: Ilya Lesokhin <ilyal@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>