diff options
author | Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-12-18 01:12:02 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2019-12-20 04:46:51 +0300 |
commit | 6a35ddc5445a8291ced6247a67977e110275acde (patch) | |
tree | b2c2051ccd1bd7c86c374db1d96ddf97ca3220bc /drivers/net/ethernet/netronome/nfp/crypto/fw.h | |
parent | 8d5a49e9e31ba1ddd34a54b2351d068a90c78707 (diff) | |
download | linux-6a35ddc5445a8291ced6247a67977e110275acde.tar.xz |
nfp: tls: implement the stream sync RX resync
The simple RX resync strategy controlled by the kernel does not
guarantee as good results as if the device helps by detecting
the potential record boundaries and keeping track of them.
We've called this strategy stream scan in the tls-offload doc.
Implement this strategy for the NFP. The device sends a request
for record boundary confirmation, which is then recorded in
per-TLS socket state and responded to once record is reached.
Because the device keeps track of records passing after the
request was sent the response is not as latency sensitive as
when kernel just tries to tell the device the information
about the next record.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net/ethernet/netronome/nfp/crypto/fw.h')
-rw-r--r-- | drivers/net/ethernet/netronome/nfp/crypto/fw.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/drivers/net/ethernet/netronome/nfp/crypto/fw.h b/drivers/net/ethernet/netronome/nfp/crypto/fw.h index 67413d946c4a..8d1458896bcb 100644 --- a/drivers/net/ethernet/netronome/nfp/crypto/fw.h +++ b/drivers/net/ethernet/netronome/nfp/crypto/fw.h @@ -9,6 +9,14 @@ #define NFP_NET_CRYPTO_OP_TLS_1_2_AES_GCM_128_ENC 0 #define NFP_NET_CRYPTO_OP_TLS_1_2_AES_GCM_128_DEC 1 +struct nfp_net_tls_resync_req { + __be32 fw_handle[2]; + __be32 tcp_seq; + u8 l3_offset; + u8 l4_offset; + u8 resv[2]; +}; + struct nfp_crypto_reply_simple { struct nfp_ccm_hdr hdr; __be32 error; |