[net-next,00/13] nfp: tls: add basic TX offload

Message ID	20190605211143.29689-1-jakub.kicinski@netronome.com
Headers	show Return-Path: <netdev-owner@vger.kernel.org> From: Jakub Kicinski <jakub.kicinski@netronome.com> To: davem@davemloft.net Cc: netdev@vger.kernel.org, oss-drivers@netronome.com, alexei.starovoitov@gmail.com, Jakub Kicinski <jakub.kicinski@netronome.com> Subject: [PATCH net-next 00/13] nfp: tls: add basic TX offload Date: Wed, 5 Jun 2019 14:11:30 -0700 Message-Id: <20190605211143.29689-1-jakub.kicinski@netronome.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk
Series	nfp: tls: add basic TX offload \| expand [net-next,00/13] nfp: tls: add basic TX offload [net-next,01/13] nfp: count all failed TX attempts as errors [net-next,02/13] nfp: make bar_lock a semaphore [net-next,03/13] nfp: parse the mailbox cmsg TLV [net-next,04/13] nfp: add support for sending control messages via mailbox [net-next,05/13] nfp: parse crypto opcode TLV [net-next,06/13] nfp: add tls init code [net-next,07/13] nfp: prepare for more TX metadata prepend [net-next,08/13] net/tls: split the TLS_DRIVER_STATE_SIZE and bump TX to 16 bytes [net-next,09/13] net/tls: simplify driver context retrieval [net-next,10/13] net/tls: export TLS per skb encryption [net-next,11/13] nfp: tls: add datapath support for TLS TX [net-next,12/13] nfp: tls: add/delete TLS TX connections [net-next,13/13] nfp: tls: add basic statistics

Message ID

20190605211143.29689-1-jakub.kicinski@netronome.com

Headers

From: Jakub Kicinski <jakub.kicinski@netronome.com>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, oss-drivers@netronome.com,
	alexei.starovoitov@gmail.com,
	Jakub Kicinski <jakub.kicinski@netronome.com>
Subject: [PATCH net-next 00/13] nfp: tls: add basic TX offload
Date: Wed,  5 Jun 2019 14:11:30 -0700
Message-Id: <20190605211143.29689-1-jakub.kicinski@netronome.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Series

nfp: tls: add basic TX offload | expand

Message

Jakub Kicinski June 5, 2019, 9:11 p.m. UTC

Hi!

This series adds initial TLS offload support to the nfp driver.
Only TX side is added for now.  We need minor adjustments to
the core tls code:
 - expose the per-skb fallback helper;
 - grow the driver context slightly;
 - add a helper to get to the driver state more easily.
We only support TX offload for now, and only if all packets
keep coming in order.  For retransmissions we use the
aforementioned software fallback, and in case there are
local drops we completely give up on given TCP stream.

This will obviously be improved soon, this patch set is the
minimal, functional yet easily reviewable chunk.

Dirk van der Merwe (3):
  net/tls: export TLS per skb encryption
  nfp: tls: add datapath support for TLS TX
  nfp: tls: add/delete TLS TX connections

Jakub Kicinski (10):
  nfp: count all failed TX attempts as errors
  nfp: make bar_lock a semaphore
  nfp: parse the mailbox cmsg TLV
  nfp: add support for sending control messages via mailbox
  nfp: parse crypto opcode TLV
  nfp: add tls init code
  nfp: prepare for more TX metadata prepend
  net/tls: split the TLS_DRIVER_STATE_SIZE and bump TX to 16 bytes
  net/tls: simplify driver context retrieval
  nfp: tls: add basic statistics

 drivers/net/ethernet/netronome/Kconfig        |   1 +
 drivers/net/ethernet/netronome/nfp/Makefile   |   6 +
 drivers/net/ethernet/netronome/nfp/ccm.c      |   3 -
 drivers/net/ethernet/netronome/nfp/ccm.h      |  48 +-
 drivers/net/ethernet/netronome/nfp/ccm_mbox.c | 591 ++++++++++++++++++
 .../ethernet/netronome/nfp/crypto/crypto.h    |  23 +
 .../net/ethernet/netronome/nfp/crypto/fw.h    |  82 +++
 .../net/ethernet/netronome/nfp/crypto/tls.c   | 429 +++++++++++++
 drivers/net/ethernet/netronome/nfp/nfp_net.h  |  48 +-
 .../ethernet/netronome/nfp/nfp_net_common.c   | 147 ++++-
 .../net/ethernet/netronome/nfp/nfp_net_ctrl.c |  15 +
 .../net/ethernet/netronome/nfp/nfp_net_ctrl.h |  21 +
 .../ethernet/netronome/nfp/nfp_net_ethtool.c  |  16 +-
 include/net/tls.h                             |  32 +-
 net/tls/tls_device_fallback.c                 |   6 +
 15 files changed, 1421 insertions(+), 47 deletions(-)
 create mode 100644 drivers/net/ethernet/netronome/nfp/ccm_mbox.c
 create mode 100644 drivers/net/ethernet/netronome/nfp/crypto/crypto.h
 create mode 100644 drivers/net/ethernet/netronome/nfp/crypto/fw.h
 create mode 100644 drivers/net/ethernet/netronome/nfp/crypto/tls.c

Comments

David Miller June 6, 2019, 9:13 p.m. UTC | #1

From: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Wed,  5 Jun 2019 14:11:30 -0700

> This series adds initial TLS offload support to the nfp driver.
> Only TX side is added for now.  We need minor adjustments to
> the core tls code:
>  - expose the per-skb fallback helper;
>  - grow the driver context slightly;
>  - add a helper to get to the driver state more easily.
> We only support TX offload for now, and only if all packets
> keep coming in order.  For retransmissions we use the
> aforementioned software fallback, and in case there are
> local drops we completely give up on given TCP stream.
> 
> This will obviously be improved soon, this patch set is the
> minimal, functional yet easily reviewable chunk.

Series applied, thanks Jakub.