From patchwork Mon Feb 19 08:57:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Hopps X-Patchwork-Id: 13562386 X-Patchwork-Delegate: kuba@kernel.org Received: from smtp.chopps.org (smtp.chopps.org [54.88.81.56]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 2FA9221370 for ; Mon, 19 Feb 2024 08:59:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=54.88.81.56 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708333159; cv=none; b=RbKHogbl1AeU0ViDaIKD8hWOonrQ8t/6aiLLzfYpfBjYHEof+A93f1L1txqhtzmuxF5MKDJo0tm/Gvd6G2RAW4XMzfLfzx/+rv0JzYvK1PTrMkNfM1gGKl5JsW+c4WLA5C1wSjBwsf+vTzc+xQNiXtmB769dOv7Ie9w61GoHVZA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708333159; c=relaxed/simple; bh=6FS/fbNN/tHhIDj3fH21651wxGdye8HLe5yHHALl1vo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=pSBdZEvvhBDdrV+38SN+vugT7m+xV7LY1T+D5LNZQmOKiYAB4MavNI4QA59R0Sq9o9QL13UbTbVTRElKAaLIlkXH0wKyLUxCXShtm9NoFFN13fZBMN9UzQ/xVpCYH5yDaGagR672gAe8Y4laAp+YF4R2Slq6sWf93aGbEVW0tV0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=chopps.org; spf=fail smtp.mailfrom=chopps.org; arc=none smtp.client-ip=54.88.81.56 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=chopps.org Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=chopps.org Received: from labnh.int.chopps.org (172-222-091-149.res.spectrum.com [172.222.91.149]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by smtp.chopps.org (Postfix) with ESMTPSA id 562B47D119; Mon, 19 Feb 2024 08:59:17 +0000 (UTC) From: Christian Hopps To: devel@linux-ipsec.org Cc: Steffen Klassert , netdev@vger.kernel.org, Christian Hopps , Christian Hopps Subject: [PATCH ipsec-next v1 1/8] iptfs: config: add CONFIG_XFRM_IPTFS Date: Mon, 19 Feb 2024 03:57:28 -0500 Message-ID: <20240219085735.1220113-2-chopps@chopps.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240219085735.1220113-1-chopps@chopps.org> References: <20240219085735.1220113-1-chopps@chopps.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Christian Hopps Add new Kconfig option to enable IP-TFS (RFC9347) functionality. Signed-off-by: Christian Hopps --- net/xfrm/Kconfig | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/net/xfrm/Kconfig b/net/xfrm/Kconfig index d7b16f2c23e9..f0157702718f 100644 --- a/net/xfrm/Kconfig +++ b/net/xfrm/Kconfig @@ -135,6 +135,22 @@ config NET_KEY_MIGRATE If unsure, say N. +config XFRM_IPTFS + tristate "IPsec IP-TFS/AGGFRAG (RFC 9347) encapsulation support" + depends on XFRM + help + Information on the IP-TFS/AGGFRAG encapsulation can be found + in RFC 9347. This feature supports demand driven (i.e., + non-constant send rate) IP-TFS to take advantage of the + AGGFRAG ESP payload encapsulation. This payload type + supports aggregation and fragmentation of the inner IP + packet stream which in turn yields higher small-packet + bandwidth as well as reducing MTU/PMTU issues. Congestion + control is unimplementated as the send rate is demand driven + rather than constant. + + If unsure, say N. + config XFRM_ESPINTCP bool