Currently when CONFIG_TLS_DEVICE is set each time kTLS
connection is opened and the offload is not successful
(either because the underlying device doesn't support
it or e.g. it's tables are full) a rate limited error
will be printed to the logs.
There is nothing wrong with failing TLS offload. SW
path will process the packets just fine, avoid the
noisy messages by demoting them from error to debug
level.
Signed-off-by: Jakub Kicinski <jakub.kicin...@netronome.com>
Reviewed-by: Reviewed-by: Simon Horman <simon.hor...@netronome.com>
---
net/tls/tls_device.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 9f3bdbc1e593..9d67989ab7a7 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -865,8 +865,8 @@ int tls_set_device_offload_rx(struct sock *sk, struct
tls_context *ctx)
}
if (!(netdev->features & NETIF_F_HW_TLS_RX)) {
- pr_err_ratelimited("%s: netdev %s with no TLS offload\n",
- __func__, netdev->name);
+ pr_debug_ratelimited("%s: netdev %s with no TLS offload\n",
+ __func__, netdev->name);
rc = -ENOTSUPP;
goto release_netdev;
}
@@ -895,8 +895,8 @@ int tls_set_device_offload_rx(struct sock *sk, struct
tls_context *ctx)
&ctx->crypto_recv.info,
tcp_sk(sk)->copied_seq);
if (rc) {
- pr_err_ratelimited("%s: The netdev has refused to offload this
socket\n",
- __func__);
+ pr_debug_ratelimited("%s: The netdev has refused to offload
this socket\n",
+ __func__);
goto free_sw_resources;
}
--
2.21.0
