From: Leon Romanovsky <leon@kernel.org>
To: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>,
Paul Blakey <paulb@nvidia.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
netdev@vger.kernel.org, Saeed Mahameed <saeedm@nvidia.com>,
Raed Salem <raeds@nvidia.com>
Subject: Re: [GIT PULL] Extend packet offload to fully support libreswan
Date: Tue, 21 Mar 2023 09:18:30 +0200 [thread overview]
Message-ID: <20230321071830.GN36557@unreal> (raw)
In-Reply-To: <20230320094722.1009304-1-leon@kernel.org>
On Mon, Mar 20, 2023 at 11:47:22AM +0200, Leon Romanovsky wrote:
> The following patches are an outcome of Raed's work to add packet
> offload support to libreswan [1].
>
> The series includes:
> * Priority support to IPsec policies
> * Statistics per-SA (visible through "ip -s xfrm state ..." command)
> * Support to IKE policy holes
> * Fine tuning to acquire logic.
>
> Thanks
>
> [1] https://github.com/libreswan/libreswan/pull/986
> Link: https://lore.kernel.org/all/cover.1678714336.git.leon@kernel.org
> Signed-off-by: Leon Romanovsky <leon@kernel.org>
>
> ----------------------------------------------------------------
>
> The following changes since commit eeac8ede17557680855031c6f305ece2378af326:
>
> Linux 6.3-rc2 (2023-03-12 16:36:44 -0700)
>
> are available in the Git repository at:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/mellanox/linux.git/ tags/ipsec-libreswan-mlx5
>
> for you to fetch changes up to 5a6cddb89b51d99a7702e63829644a5860dd9c41:
>
> net/mlx5e: Update IPsec per SA packets/bytes count (2023-03-20 11:29:52 +0200)
>
> ----------------------------------------------------------------
> Paul Blakey (3):
> net/mlx5: fs_chains: Refactor to detach chains from tc usage
> net/mlx5: fs_core: Allow ignore_flow_level on TX dest
> net/mlx5e: Use chains for IPsec policy priority offload
>
> Raed Salem (6):
> xfrm: add new device offload acquire flag
> xfrm: copy_to_user_state fetch offloaded SA packets/bytes statistics
> net/mlx5e: Allow policies with reqid 0, to support IKE policy holes
> net/mlx5e: Support IPsec acquire default SA
> net/mlx5e: Use one rule to count all IPsec Tx offloaded traffic
> net/mlx5e: Update IPsec per SA packets/bytes count
>
> drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c | 71 ++++--
> drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h | 13 +-
> drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_fs.c | 528 +++++++++++++++++++++++++++++++++++----------
> drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_offload.c | 32 ++-
> drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 20 +-
> drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c | 6 +-
> drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 5 +-
> drivers/net/ethernet/mellanox/mlx5/core/lib/fs_chains.c | 89 ++++----
> drivers/net/ethernet/mellanox/mlx5/core/lib/fs_chains.h | 9 +-
> include/net/xfrm.h | 5 +
> net/xfrm/xfrm_state.c | 1 +
> net/xfrm/xfrm_user.c | 2 +
> 12 files changed, 553 insertions(+), 228 deletions(-)
Hi,
I see that this PR is marked as "Needs ACK" in patchworks:
https://patchwork.kernel.org/project/netdevbpf/patch/20230320094722.1009304-1-leon@kernel.org/
Steffen already acked on XFRM patches:
https://lore.kernel.org/netdev/ZBgjsw8exj1c46lW@gauss3.secunet.de/
https://lore.kernel.org/netdev/ZBgj07C1o39NFJW5@gauss3.secunet.de/
https://git.kernel.org/pub/scm/linux/kernel/git/mellanox/linux.git/commit/?h=ipsec-libreswan-mlx5&id=c9fa320b00cff04980b8514d497068e59a8ee131
https://git.kernel.org/pub/scm/linux/kernel/git/mellanox/linux.git/commit/?h=ipsec-libreswan-mlx5&id=e0aeb9b90acf6ee7c2d11141522ffbb5481734d3
and mlx5 ipsec is my responsibility.
So who should extra ack on this series?
Thanks
next prev parent reply other threads:[~2023-03-21 7:19 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-20 9:47 [GIT PULL] Extend packet offload to fully support libreswan Leon Romanovsky
2023-03-21 7:18 ` Leon Romanovsky [this message]
2023-03-21 19:37 ` Jakub Kicinski
2023-03-22 5:58 ` Leon Romanovsky
2023-03-23 5:10 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230321071830.GN36557@unreal \
--to=leon@kernel.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=paulb@nvidia.com \
--cc=raeds@nvidia.com \
--cc=saeedm@nvidia.com \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.