Merge branch 'net-atlantic-MACSec-support-for-AQC-devices'
Igor Russkikh says:
====================
net: atlantic: MACSec support for AQC devices
This patchset introduces MACSec HW offloading support in
Marvell(Aquantia) AQC atlantic driver.
This implementation is a joint effort of Marvell developers on top of
the work started by Antoine Tenart.
v2:
* clean up the generated code (removed useless bit operations);
* use WARN_ONCE to avoid log spam;
* use put_unaligned_be64;
* removed trailing \0 and length limit for format strings;
v1: https://patchwork.ozlabs.org/cover/
1259998/
RFC v2: https://patchwork.ozlabs.org/cover/
1252204/
RFC v1: https://patchwork.ozlabs.org/cover/
1238082/
Several patches introduce backward-incompatible changes and are
subject for discussion/drop:
1) patch 0007:
multicast/broadcast when offloading is needed to handle ARP requests,
because they have broadcast destination address;
With this patch we also match and encrypt/decrypt packets between macsec
hw and realdev based on device's mac address.
This can potentially be used to support multiple macsec offloaded
interfaces on top of one realdev.
However in some environments this could lead to problems, e.g. the
'bridge over macsec' configuration will expect the packets with unknown
src MAC should come through macsec.
The patch is questionable, we've used it because our current hw setup
and requirements both assume that the decryption is done based on mac
address match only.
This could be changed by encrypting/decripting all the traffic (except
control).
2) patch 0009:
real_dev features are now propagated to macsec device (when HW
offloading is enabled), otherwise feature set might lead to HW
reconfiguration during MACSec configuration.
Also, HW offloaded macsec should be able to keep LRO LSO features,
since they are transparent for macsec engine (at least in our hardware).
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
projects / linux-2.6-microblaze.git / commit