From: Tariq Toukan <tariqt@nvidia.com>
To: "David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>
Cc: netdev@vger.kernel.org, Saeed Mahameed <saeedm@nvidia.com>,
Moshe Shemesh <moshe@nvidia.com>,
Boris Pismenny <borisp@nvidia.com>,
Tariq Toukan <ttoukan.linux@gmail.com>,
Tariq Toukan <tariqt@nvidia.com>
Subject: [PATCH net V3] net: Disable NETIF_F_HW_TLS_TX when HW_CSUM is disabled
Date: Sun, 13 Dec 2020 16:39:29 +0200 [thread overview]
Message-ID: <20201213143929.26253-1-tariqt@nvidia.com> (raw)
With NETIF_F_HW_TLS_TX packets are encrypted in HW. This cannot be
logically done when HW_CSUM offload is off.
Fixes: 2342a8512a1e ("net: Add TLS TX offload features")
Signed-off-by: Tariq Toukan <tariqt@nvidia.com>
Reviewed-by: Boris Pismenny <borisp@nvidia.com>
---
Documentation/networking/tls-offload.rst | 8 +++++++-
net/core/dev.c | 5 +++++
2 files changed, 12 insertions(+), 1 deletion(-)
Hi,
Please queue to -stable >= v4.18.
Thanks.
v3:
- Describe expected behavior for already opened connections.
v2:
- Documented the change in tls-offload.rst.
diff --git a/Documentation/networking/tls-offload.rst b/Documentation/networking/tls-offload.rst
index 37773da2bee5..0f55c6d540f9 100644
--- a/Documentation/networking/tls-offload.rst
+++ b/Documentation/networking/tls-offload.rst
@@ -524,7 +524,13 @@ on TCP retransmissions to handle corner cases is not acceptable.
TLS device features
-------------------
-Drivers should ignore the changes to TLS the device feature flags.
+Drivers should ignore the changes to the TLS device feature flags.
These flags will be acted upon accordingly by the core ``ktls`` code.
TLS device feature flags only control adding of new TLS connection
offloads, old connections will remain active after flags are cleared.
+
+TLS encryption cannot be offloaded to devices without checksum calculation
+offload. Hence, TLS TX device feature flag requires NETIF_F_HW_CSUM being set.
+Disabling the latter implies clearing the former. Disabling TX checksum offload
+should not affect old connections, and drivers should make sure checksum
+calculation does not break for them.
diff --git a/net/core/dev.c b/net/core/dev.c
index 38412e70f761..bd06c270ad57 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -9602,6 +9602,11 @@ static netdev_features_t netdev_fix_features(struct net_device *dev,
}
}
+ if ((features & NETIF_F_HW_TLS_TX) && !(features & NETIF_F_HW_CSUM)) {
+ netdev_dbg(dev, "Dropping TLS TX HW offload feature since no CSUM feature.\n");
+ features &= ~NETIF_F_HW_TLS_TX;
+ }
+
return features;
}
--
2.21.0
next reply other threads:[~2020-12-13 14:41 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-13 14:39 Tariq Toukan [this message]
2020-12-15 3:40 ` [PATCH net V3] net: Disable NETIF_F_HW_TLS_TX when HW_CSUM is disabled patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201213143929.26253-1-tariqt@nvidia.com \
--to=tariqt@nvidia.com \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=moshe@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=saeedm@nvidia.com \
--cc=ttoukan.linux@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.