公开(公告)号：US20180159860A1

公开(公告)日：2018-06-07

申请号：US15888498

申请日：2018-02-05

Applicant: Solarflare Communications, Inc.

Inventor： Steven Leslie Pope ,  David James Riddoch ,  Ching Yu ,  Derek Edward Roberts

IPC: H04L29/06 ,  H04L12/861 ,  H04L12/863 ,  H04L12/879

CPC classification number: H04L63/10 ,  H04L47/50 ,  H04L49/90 ,  H04L49/901 ,  H04L49/9031 ,  H04L49/9063

Abstract: Roughly described, a network interface device receiving data packets from a computing device for transmission onto a network, the data packets having a certain characteristic, transmits the packet only if the sending queue has authority to send packets having that characteristic. The data packet characteristics can include transport protocol number, source and destination port numbers, source and destination IP addresses, for example. Authorizations can be programmed into the NIC by a kernel routine upon establishment of the transmit queue, based on the privilege level of the process for which the queue is being established. In this way, a user process can use an untrusted user-level protocol stack to initiate data transmission onto the network, while the NIC protects the remainder of the system or network from certain kinds of compromise.

公开(公告)号：US09912665B2

公开(公告)日：2018-03-06

申请号：US13765579

申请日：2013-02-12

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steve L. Pope ,  David J. Riddoch ,  Ching Yu ,  Derek Roberts

IPC: G06F15/16 ,  H04L29/06 ,  H04L12/861 ,  H04L12/879 ,  H04L12/863

CPC classification number: H04L63/10 ,  H04L47/50 ,  H04L49/90 ,  H04L49/901 ,  H04L49/9031 ,  H04L49/9063

Abstract: Roughly described, a network interface device receiving data packets from a computing device for transmission onto a network, the data packets having a certain characteristic, transmits the packet only if the sending queue has authority to send packets having that characteristic. The data packet characteristics can include transport protocol number, source and destination port numbers, source and destination IP addresses, for example. Authorizations can be programmed into the NIC by a kernel routine upon establishment of the transmit queue, based on the privilege level of the process for which the queue is being established. In this way, a user process can use an untrusted user-level protocol stack to initiate data transmission onto the network, while the NIC protects the remainder of the system or network from certain kinds of compromise.

公开(公告)号：US09594842B2

公开(公告)日：2017-03-14

申请号：US14611105

申请日：2015-01-30

Applicant: SOLARFLARE COMMUNICATIONS, INC.

Inventor： Steven L. Pope ,  Derek Roberts ,  David J. Riddoch ,  Ching Yu ,  John Mingyung Chiang ,  Der-Ren Chu

IPC: G06F17/30 ,  H04L12/747 ,  H04L12/741 ,  H04L12/861 ,  H04L29/06 ,  H04L29/08 ,  H04L12/851 ,  H04L12/863

CPC classification number: G06F17/30867 ,  G06F17/30864 ,  H04L45/742 ,  H04L45/745 ,  H04L47/2441 ,  H04L47/621 ,  H04L49/90 ,  H04L67/10 ,  H04L69/16 ,  H04L69/161 ,  H04L69/162 ,  H04L69/163 ,  H04L69/164 ,  H04L69/22 ,  Y10S707/922

Abstract: Roughly described, a network interface device is assigned a maximum extent-of-search. A hash function is applied to the header information of each incoming packet, to generate a hash code for the packet. The hash code designates a particular subset of the table within which the particular header information should be found, and an iterative search is made within that subset. If the search locates a matching entry before the search limit is exceeded, then the incoming data packet is delivered to the receive queue identified in the matching entry. But if the search reaches the search limit before a matching entry is located, then device delivers the packet to a default queue, such as a kernel queue, in the host computer system. The kernel is then responsible for delivering the packet to the correct endpoint.

Abstract translation: 大致描述了网络接口设备被分配最大的搜索范围。 散列函数被应用于每个输入分组的报头信息，以产生分组的哈希码。 哈希代码指定在其中应当找到特定头部信息的表的特定子集，并且在该子集内进行迭代搜索。 如果搜索在超出搜索限制之前找到匹配的条目，则传入数据包将被传递到匹配条目中标识的接收队列。 但是，如果在找到匹配的条目之前搜索达到搜索限制，则设备会将数据包传递到主机系统中的默认队列（如内核队列）。 然后，内核负责将数据包传递到正确的端点。