From: Jakub Kicinski <kuba@kernel.org>
To: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
Cc: "Daniel Zahka" <daniel.zahka@gmail.com>,
"Donald Hunter" <donald.hunter@gmail.com>,
"David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Paolo Abeni" <pabeni@redhat.com>,
"Simon Horman" <horms@kernel.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Andrew Lunn" <andrew+netdev@lunn.ch>,
"Saeed Mahameed" <saeedm@nvidia.com>,
"Leon Romanovsky" <leon@kernel.org>,
"Tariq Toukan" <tariqt@nvidia.com>,
"Boris Pismenny" <borisp@nvidia.com>,
"Kuniyuki Iwashima" <kuniyu@google.com>,
"Willem de Bruijn" <willemb@google.com>,
"David Ahern" <dsahern@kernel.org>,
"Neal Cardwell" <ncardwell@google.com>,
"Patrisious Haddad" <phaddad@nvidia.com>,
"Raed Salem" <raeds@nvidia.com>,
"Jianbo Liu" <jianbol@nvidia.com>,
"Dragos Tatulea" <dtatulea@nvidia.com>,
"Rahul Rameshbabu" <rrameshbabu@nvidia.com>,
"Stanislav Fomichev" <sdf@fomichev.me>,
"Toke Høiland-Jørgensen" <toke@redhat.com>,
"Alexander Lobakin" <aleksander.lobakin@intel.com>,
"Jacob Keller" <jacob.e.keller@intel.com>,
netdev@vger.kernel.org
Subject: Re: [PATCH v2 04/17] tcp: add datapath logic for PSP with inline key exchange
Date: Thu, 26 Jun 2025 07:07:59 -0700 [thread overview]
Message-ID: <20250626070759.08d41566@kernel.org> (raw)
In-Reply-To: <685c8ef72e61f_2a5da429434@willemb.c.googlers.com.notmuch>
On Wed, 25 Jun 2025 20:06:15 -0400 Willem de Bruijn wrote:
> > @@ -2068,7 +2074,8 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb,
> > (TCPHDR_ECE | TCPHDR_CWR | TCPHDR_AE)) ||
> > !tcp_skb_can_collapse_rx(tail, skb) ||
> > thtail->doff != th->doff ||
> > - memcmp(thtail + 1, th + 1, hdrlen - sizeof(*th)))
> > + memcmp(thtail + 1, th + 1, hdrlen - sizeof(*th)) ||
> > + psp_skb_coalesce_diff(tail, skb))
> > goto no_coalesce;
>
> Since this is a "can these skbs be coalesced" condition check, move it
> inside tcp_skb_can_collapse_rx?
I think the idea was that once the packet is added to the socket rcv
queue we don't really care what exact PSP state it had. I must had
matched what the socket wanted if it got in. The decrypted bit is all
we care about. But packets in the backlog are not fully validated, yet,
so we need an exact comparison.
next prev parent reply other threads:[~2025-06-26 14:08 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-25 13:51 [PATCH v2 00/17] add basic PSP encryption for TCP connections Daniel Zahka
2025-06-25 13:51 ` [PATCH v2 01/17] psp: add documentation Daniel Zahka
2025-06-25 23:42 ` Willem de Bruijn
2025-06-26 11:55 ` Daniel Zahka
2025-06-26 13:49 ` Jakub Kicinski
2025-06-26 13:58 ` Willem de Bruijn
2025-06-25 13:51 ` [PATCH v2 02/17] psp: base PSP device support Daniel Zahka
2025-06-25 23:55 ` Willem de Bruijn
2025-06-26 14:00 ` Jakub Kicinski
2025-06-26 14:25 ` Willem de Bruijn
2025-06-26 15:11 ` Jakub Kicinski
2025-06-26 17:20 ` Willem de Bruijn
2025-06-26 23:57 ` Jakub Kicinski
2025-06-27 16:10 ` Willem de Bruijn
2025-06-25 13:51 ` [PATCH v2 03/17] net: modify core data structures for PSP datapath support Daniel Zahka
2025-06-25 13:51 ` [PATCH v2 04/17] tcp: add datapath logic for PSP with inline key exchange Daniel Zahka
2025-06-26 0:06 ` Willem de Bruijn
2025-06-26 14:07 ` Jakub Kicinski [this message]
2025-06-25 13:51 ` [PATCH v2 05/17] psp: add op for rotation of device key Daniel Zahka
2025-06-25 13:51 ` [PATCH v2 06/17] net: move sk_validate_xmit_skb() to net/core/dev.c Daniel Zahka
2025-06-25 13:51 ` [PATCH v2 07/17] net: tcp: allow tcp_timewait_sock to validate skbs before handing to device Daniel Zahka
2025-06-26 0:02 ` Willem de Bruijn
2025-06-25 13:51 ` [PATCH v2 08/17] net: psp: add socket security association code Daniel Zahka
2025-06-25 22:18 ` Jakub Kicinski
2025-06-25 23:01 ` Daniel Zahka
2025-06-26 2:09 ` Willem de Bruijn
2025-06-26 2:12 ` Willem de Bruijn
2025-06-26 12:37 ` Daniel Zahka
2025-06-26 3:31 ` Eric Dumazet
2025-06-25 13:51 ` [PATCH v2 09/17] net: psp: update the TCP MSS to reflect PSP packet overhead Daniel Zahka
2025-06-25 13:52 ` [PATCH v2 10/17] psp: track generations of device key Daniel Zahka
2025-06-26 0:20 ` Willem de Bruijn
2025-06-26 12:19 ` Daniel Zahka
2025-06-26 14:02 ` Willem de Bruijn
2025-06-25 13:52 ` [PATCH v2 11/17] net/mlx5e: Support PSP offload functionality Daniel Zahka
2025-06-25 13:52 ` [PATCH v2 12/17] net/mlx5e: Implement PSP operations .assoc_add and .assoc_del Daniel Zahka
2025-06-25 13:52 ` [PATCH v2 13/17] net/mlx5e: Implement PSP Tx data path Daniel Zahka
2025-06-26 1:54 ` Willem de Bruijn
2025-06-25 13:52 ` [PATCH v2 14/17] net/mlx5e: Add PSP steering in local NIC RX Daniel Zahka
2025-06-25 13:52 ` [PATCH v2 15/17] net/mlx5e: Configure PSP Rx flow steering rules Daniel Zahka
2025-06-25 13:52 ` [PATCH v2 16/17] net/mlx5e: Add Rx data path offload Daniel Zahka
2025-06-25 13:52 ` [PATCH v2 17/17] net/mlx5e: Implement PSP key_rotate operation Daniel Zahka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250626070759.08d41566@kernel.org \
--to=kuba@kernel.org \
--cc=aleksander.lobakin@intel.com \
--cc=andrew+netdev@lunn.ch \
--cc=borisp@nvidia.com \
--cc=corbet@lwn.net \
--cc=daniel.zahka@gmail.com \
--cc=davem@davemloft.net \
--cc=donald.hunter@gmail.com \
--cc=dsahern@kernel.org \
--cc=dtatulea@nvidia.com \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=jacob.e.keller@intel.com \
--cc=jianbol@nvidia.com \
--cc=kuniyu@google.com \
--cc=leon@kernel.org \
--cc=ncardwell@google.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=phaddad@nvidia.com \
--cc=raeds@nvidia.com \
--cc=rrameshbabu@nvidia.com \
--cc=saeedm@nvidia.com \
--cc=sdf@fomichev.me \
--cc=tariqt@nvidia.com \
--cc=toke@redhat.com \
--cc=willemb@google.com \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.