Re: [PATCH net-next] openvswitch: Pass on secpath details for internal port rx.

From: patchwork-bot+netdevbpf
Date: Tue Nov 05 2024 - 20:51:19 EST

Next message: Sean Christopherson: "[PATCH v2] KVM: x86: Unconditionally set irr_pending when updating APICv state"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH v1 0/2] Add support for Synopsis DesignWare version 3.72a"
In reply to: Eelco Chaudron: "Re: [PATCH net-next] openvswitch: Pass on secpath details for internal port rx."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello:

This patch was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@xxxxxxxxxx>:

On Fri, 1 Nov 2024 16:47:32 -0400 you wrote:
> Clearing the secpath for internal ports will cause packet drops when
> ipsec offload or early SW ipsec decrypt are used. Systems that rely
> on these will not be able to actually pass traffic via openvswitch.
>
> There is still an open issue for a flow miss packet - this is because
> we drop the extensions during upcall and there is no facility to
> restore such data (and it is non-trivial to add such functionality
> to the upcall interface). That means that when a flow miss occurs,
> there will still be packet drops. With this patch, when a flow is
> found then traffic which has an associated xfrm extension will
> properly flow.
>
> [...]

Here is the summary with links:
- [net-next] openvswitch: Pass on secpath details for internal port rx.
https://git.kernel.org/netdev/net-next/c/7d1c2d517f50

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Next message: Sean Christopherson: "[PATCH v2] KVM: x86: Unconditionally set irr_pending when updating APICv state"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH v1 0/2] Add support for Synopsis DesignWare version 3.72a"
In reply to: Eelco Chaudron: "Re: [PATCH net-next] openvswitch: Pass on secpath details for internal port rx."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]