[RFC 2.6.10 7/22] xfrm: Allow device drivers to force recalculation of offloads

From: David Dillow
Date: Thu Dec 30 2004 - 04:42:20 EST

Next message: David Dillow: "[RFC 2.6.10 6/22] xfrm: add a parameter to xfrm_prune_bundles()"
Previous message: David Dillow: "[RFC 2.6.10 8/22] skbuff: Add routines to manage applied offloads per skb"
In reply to: David Dillow: "[RFC 2.6.10 6/22] xfrm: add a parameter to xfrm_prune_bundles()"
Next in thread: David Dillow: "[RFC 2.6.10 8/22] skbuff: Add routines to manage applied offloads per skb"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/12/30 00:37:44-05:00 dave@xxxxxxxxxxxxxx
# Give device drivers a method to allow the use of crypto
# offload features for existing xfrm_states and bundles, as
# well as dynamically remove crypto offload capabilities.
#
# Signed-off-by: David Dillow <dave@xxxxxxxxxxxxxx>
#
# net/xfrm/xfrm_state.c
# 2004/12/30 00:37:26-05:00 dave@xxxxxxxxxxxxxx +39 -0
# When we've been informed of a new device that can offload
# xfrm crypto operations, go ahead and offload existing inbound
# xfrm_states to it.
#
# When we're removing crypto offload capabilities, remove every
# offload instance for that device.
#
# Signed-off-by: David Dillow <dave@xxxxxxxxxxxxxx>
#
# net/xfrm/xfrm_policy.c
# 2004/12/30 00:37:26-05:00 dave@xxxxxxxxxxxxxx +17 -0
# When adding/removing xfrm offload capable device, give the xfrm_state
# engine a chance to make the changes it needs, then flush any existing
# bundles that use the device so that future flows get a chance to use
# the offload features (for add), or resume using the software crypto
# routines (for remove).
#
# Signed-off-by: David Dillow <dave@xxxxxxxxxxxxxx>
#
# net/xfrm/xfrm_export.c
# 2004/12/30 00:37:26-05:00 dave@xxxxxxxxxxxxxx +2 -0
# Export the driver-visible API.
#
# Signed-off-by: David Dillow <dave@xxxxxxxxxxxxxx>
#
# include/net/xfrm.h
# 2004/12/30 00:37:26-05:00 dave@xxxxxxxxxxxxxx +4 -0
# Prototypes for the new routines.
#
# Signed-off-by: David Dillow <dave@xxxxxxxxxxxxxx>
#
diff -Nru a/include/net/xfrm.h b/include/net/xfrm.h
--- a/include/net/xfrm.h 2004-12-30 01:10:52 -05:00
+++ b/include/net/xfrm.h 2004-12-30 01:10:52 -05:00
@@ -833,6 +833,8 @@
extern struct xfrm_state *xfrm_find_acq_byseq(u32 seq);
extern void xfrm_state_delete(struct xfrm_state *x);
extern void xfrm_state_flush(u8 proto);
+extern void xfrm_state_accel_add(struct net_device *dev);
+extern void xfrm_state_accel_flush(struct net_device *dev);
extern int xfrm_replay_check(struct xfrm_state *x, u32 seq);
extern void xfrm_replay_advance(struct xfrm_state *x, u32 seq);
extern int xfrm_state_check(struct xfrm_state *x, struct sk_buff *skb);
@@ -888,6 +890,8 @@
extern int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
extern struct xfrm_policy *xfrm_sk_policy_lookup(struct sock *sk, int dir, struct flowi *fl);
extern int xfrm_flush_bundles(void);
+extern void xfrm_accel_add(struct net_device *dev);
+extern void xfrm_accel_flush(struct net_device *dev);

extern wait_queue_head_t km_waitq;
extern void km_state_expired(struct xfrm_state *x, int hard);
diff -Nru a/net/xfrm/xfrm_export.c b/net/xfrm/xfrm_export.c
--- a/net/xfrm/xfrm_export.c 2004-12-30 01:10:52 -05:00
+++ b/net/xfrm/xfrm_export.c 2004-12-30 01:10:52 -05:00
@@ -63,3 +63,5 @@
EXPORT_SYMBOL_GPL(skb_icv_walk);

EXPORT_SYMBOL_GPL(xfrm_state_offload_add);
+EXPORT_SYMBOL_GPL(xfrm_accel_add);
+EXPORT_SYMBOL_GPL(xfrm_accel_flush);
diff -Nru a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
--- a/net/xfrm/xfrm_policy.c 2004-12-30 01:10:52 -05:00
+++ b/net/xfrm/xfrm_policy.c 2004-12-30 01:10:52 -05:00
@@ -1121,6 +1121,23 @@
return 0;
}

+static int bundle_uses_dev(struct dst_entry *dst, void *dev)
+{
+ return (dst->dev == dev);
+}
+
+void xfrm_accel_add(struct net_device *dev)
+{
+ xfrm_state_accel_add(dev);
+ xfrm_prune_bundles(bundle_uses_dev, dev);
+}
+
+void xfrm_accel_flush(struct net_device *dev)
+{
+ xfrm_state_accel_flush(dev);
+ xfrm_prune_bundles(bundle_uses_dev, dev);
+}
+
/* Well... that's _TASK_. We need to scan through transformation
* list and figure out what mss tcp should generate in order to
* final datagram fit to mtu. Mama mia... :-)
diff -Nru a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
--- a/net/xfrm/xfrm_state.c 2004-12-30 01:10:52 -05:00
+++ b/net/xfrm/xfrm_state.c 2004-12-30 01:10:52 -05:00
@@ -998,6 +998,45 @@
xfrm_offload_release(old);
}

+static int try_new_accel(struct xfrm_state *x, int unused, void *data)
+{
+ struct net_device *dev = data;
+
+ if (x->dir == XFRM_STATE_DIR_IN)
+ dev->xfrm_state_add(dev, x);
+ return 0;
+}
+
+static int remove_stale_accel(struct xfrm_state *x, int unused, void *dev)
+{
+ struct xfrm_offload *xol, *entry = NULL;
+
+ spin_lock(&x->lock);
+ list_for_each_entry(xol, &x->offloads, bydev) {
+ if (xol->dev == dev) {
+ list_del(&xol->bydev);
+ entry = xol;
+ break;
+ }
+ }
+ spin_unlock(&x->lock);
+
+ if (entry)
+ xfrm_offload_release(entry);
+
+ return 0;
+}
+
+void xfrm_state_accel_add(struct net_device *dev)
+{
+ xfrm_state_walk(IPSEC_PROTO_ANY, try_new_accel, dev);
+}
+
+void xfrm_state_accel_flush(struct net_device *dev)
+{
+ xfrm_state_walk(IPSEC_PROTO_ANY, remove_stale_accel, dev);
+}
+
void __init xfrm_state_init(void)
{
int i;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Dillow: "[RFC 2.6.10 6/22] xfrm: add a parameter to xfrm_prune_bundles()"
Previous message: David Dillow: "[RFC 2.6.10 8/22] skbuff: Add routines to manage applied offloads per skb"
In reply to: David Dillow: "[RFC 2.6.10 6/22] xfrm: add a parameter to xfrm_prune_bundles()"
Next in thread: David Dillow: "[RFC 2.6.10 8/22] skbuff: Add routines to manage applied offloads per skb"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]