On Sun, 15 Nov 2020 15:42:49 +0200 Tariq Toukan wrote: > This series opens TLS TX HW offload for bond interfaces. > This allows bond interfaces to benefit from capable slave devices. > > The first patch adds real_dev field in TLS context structure, and aligns > usages in TLS module and supporting drivers. > The second patch opens the offload for bond interfaces. > > For the configuration above, SW kTLS keeps picking the same slave > To keep simple track of the HW and SW TLS contexts, we bind each socket to > a specific slave for the socket's whole lifetime. This is logically valid > (and similar to the SW kTLS behavior) in the following bond configuration, > so we restrict the offload support to it: > > ((mode == balance-xor) or (mode == 802.3ad)) > and xmit_hash_policy == layer3+4.
This does not feel extremely clean, maybe you can convince me otherwise. Can we extend netdev_get_xmit_slave() and figure out the output dev (and if it's "stable") in a more generic way? And just feed that dev into TLS handling? All non-crypto upper SW devs should be safe to cross with .decrypted = 1 skbs, right?
