On 11/4/2020 11:25 PM, Jakub Kicinski wrote:
On Wed, 4 Nov 2020 12:21:41 +0200 Tariq Toukan wrote:
With NETIF_F_HW_TLS_TX packets are encrypted in HW. This cannot be
logically done when HW_CSUM offload is off.
Right. Do you expect drivers to nack clearing NETIF_F_HW_TLS_TX when
there are active connections, then? I don't think NFP does. We either
gotta return -EBUSY when there are offloaded connections, or at least
clearly document the expected behavior.
As I see from code, today drivers and TLS stack allow clearing
NETIF_F_HW_TLS_TX without doing anything to change behavior in existing
sockets, so they continue to do HW offload. Only new sockets will be
affected.
I think the same behavior should apply when NETIF_F_HW_TLS_TX is cleared
implicitly (due to clearing HW_CSUM).
If the existing behavior is not expected, and we should force fallback
to SW kTLS for existing sockets, then I think this should be fixed
independently to this patch, as it introduces no new regression.
What do you think?
Fixes: 2342a8512a1e ("net: Add TLS TX offload features")
Signed-off-by: Tariq Toukan <tar...@nvidia.com>
Reviewed-by: Boris Pismenny <bor...@nvidia.com>
diff --git a/net/core/dev.c b/net/core/dev.c
index 82dc6b48e45f..5f72ea17d3f7 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -9588,6 +9588,11 @@ static netdev_features_t netdev_fix_features(struct
net_device *dev,
}
}
+ if ((features & NETIF_F_HW_TLS_TX) && !(features & NETIF_F_HW_CSUM)) {
+ netdev_dbg(dev, "Dropping TLS TX HW offload feature since no CSUM
feature.\n");
+ features &= ~NETIF_F_HW_TLS_TX;
+ }
