From: Jakub Kicinski <kuba@kernel.org>
To: Tariq Toukan <tariqt@nvidia.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>,
Boris Pismenny <borisp@nvidia.com>,
John Fastabend <john.fastabend@gmail.com>,
<netdev@vger.kernel.org>, Saeed Mahameed <saeedm@nvidia.com>,
Gal Pressman <gal@nvidia.com>,
Jay Vosburgh <j.vosburgh@gmail.com>,
Veaceslav Falico <vfalico@gmail.com>,
Andy Gospodarek <andy@greyhouse.net>
Subject: Re: [PATCH net-next] bond: Disable TLS features indication
Date: Tue, 25 Oct 2022 19:57:00 -0700 [thread overview]
Message-ID: <20221025195700.43926ad9@kernel.org> (raw)
In-Reply-To: <20221025105300.4718-1-tariqt@nvidia.com>
On Tue, 25 Oct 2022 13:53:00 +0300 Tariq Toukan wrote:
> Bond agnostically interacts with TLS device-offload requests via the
> .ndo_sk_get_lower_dev operation. Return value is true iff bond
> guarantees fixed mapping between the TLS connection and a lower netdev.
>
> Due to this nature, the bond TLS device offload features are not
> explicitly controllable in the bond layer. As of today, these are
> read-only values based on the evaluation of bond_sk_check(). However,
> this indication might be incorrect and misleading, when the feature bits
> are "fixed" by some dependency features. For example,
> NETIF_F_HW_TLS_TX/RX are forcefully cleared in case the corresponding
> checksum offload is disabled. But in fact the bond ability to still
> offload TLS connections to the lower device is not hurt.
>
> This means that these bits can not be trusted, and hence better become
> unused.
>
> This patch revives some old discussion [1] and proposes a much simpler
> solution: Clear the bond's TLS features bits. Everyone should stop
> reading them.
Acked-by: Jakub Kicinski <kuba@kernel.org>
next prev parent reply other threads:[~2022-10-26 2:59 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-25 10:53 [PATCH net-next] bond: Disable TLS features indication Tariq Toukan
2022-10-26 2:57 ` Jakub Kicinski [this message]
2022-10-27 10:50 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221025195700.43926ad9@kernel.org \
--to=kuba@kernel.org \
--cc=andy@greyhouse.net \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gal@nvidia.com \
--cc=j.vosburgh@gmail.com \
--cc=john.fastabend@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=saeedm@nvidia.com \
--cc=tariqt@nvidia.com \
--cc=vfalico@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).