www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Steffen Klassert <steffen.klassert@secunet.com>
	Sat, 13 Jul 2024 09:14:04 +0000 (11:14 +0200)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Sat, 13 Jul 2024 09:14:04 +0000 (11:14 +0200)
commit	d5b60c6517d227b044674718a993caae19080f7b
tree	4ea6ca4711e34aa7695c69e4c020c5f9ec8deae0	tree
parent	f531d13bdfe3f4f084aaa8acae2cb0f02295f5ae	commit \| diff
parent	447bc4b1906f100e65c662528b7ae4e1dc2e9b80	commit \| diff

Merge  branch 'Support IPsec crypto offload for IPv6 ESP and IPv4 UDP-encapsulated ESP data paths'

Mike Yu says:

====================
Currently, IPsec crypto offload is enabled for GRO code path. However, there
are other code paths where the XFRM stack is involved; for example, IPv6 ESP
packets handled by xfrm6_esp_rcv() in ESP layer, and IPv4 UDP-encapsulated
ESP packets handled by udp_rcv() in UDP layer.

This patchset extends the crypto offload support to cover these two cases.
This is useful for devices with traffic accounting (e.g., Android), where GRO
can lead to inaccurate accounting on the underlying network. For example, VPN
traffic might not be counted on the wifi network interface wlan0 if the packets
are handled in GRO code path before entering the network stack for accounting.

Below is the RX data path scenario the crypto offload can be applied to.

  +-----------+   +-------+
  | HW Driver |-->| wlan0 |--------+
  +-----------+   +-------+        |
                                   v
                             +---------------+   +------+
                     +------>| Network Stack |-->| Apps |
                     |       +---------------+   +------+
                     |             |
                     |             v
                 +--------+   +------------+
                 | ipsec1 |<--| XFRM Stack |
                 +--------+   +------------+
====================

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>