From: Tariq Toukan <ttoukan.linux@gmail.com>
To: Jakub Kicinski <kuba@kernel.org>, Tariq Toukan <tariqt@nvidia.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Boris Pismenny <borisp@nvidia.com>,
netdev@vger.kernel.org, Moshe Shemesh <moshe@nvidia.com>,
Jay Vosburgh <j.vosburgh@gmail.com>,
Veaceslav Falico <vfalico@gmail.com>,
Andy Gospodarek <andy@greyhouse.net>,
John Fastabend <john.fastabend@gmail.com>,
Daniel Borkmann <daniel@iogearbox.net>,
Jarod Wilson <jarod@redhat.com>, Ivan Vecera <ivecera@redhat.com>
Subject: Re: [PATCH net-next V2 5/8] net/bonding: Implement TLS TX device offload
Date: Sun, 17 Jan 2021 13:04:41 +0200 [thread overview]
Message-ID: <b096ce67-f777-576e-4be5-840fb37101dc@gmail.com> (raw)
In-Reply-To: <20210116185425.17636415@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
On 1/17/2021 4:54 AM, Jakub Kicinski wrote:
> On Thu, 14 Jan 2021 20:01:32 +0200 Tariq Toukan wrote:
>> As the bond interface is being bypassed by the TLS module, interacting
>> directly against the slaves, there is no way for the bond interface to
>> disable its device offload capabilities, as long as the mode/policy
>> config allows it.
>> Hence, the feature flag is not directly controllable, but just reflects
>> the current offload status based on the logic under bond_sk_check().
>
> In that case why set it in ->hw_features ?
> IIRC features set only in ->features but not ->hw_features show up to
> userspace as "fixed" which I gather is what we want here, no?
>
On one hand, by showing "off [Fixed]" we might hide the fact that bond
driver now does support the TLS offload feature, you simply need to
choose the proper mode/xmit_policy.
On the other hand, as the feature flag toggling has totally no impact, I
don't see a point in opening it for toggling.
So yeah, I'll fix.
>> +#if IS_ENABLED(CONFIG_TLS_DEVICE)
>> + bond_dev->hw_features |= BOND_TLS_FEATURES;
>> + if (bond_sk_check(bond))
>> + bond_dev->features |= BOND_TLS_FEATURES;
>> +#endif
next prev parent reply other threads:[~2021-01-17 11:05 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-14 18:01 [PATCH net-next V2 0/8] TLS device offload for Bond Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 1/8] net: netdevice: Add operation ndo_sk_get_slave Tariq Toukan
2021-01-17 2:51 ` Jakub Kicinski
2021-01-17 10:55 ` Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 2/8] net/bonding: Take IP hash logic into a helper Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 3/8] net/bonding: Implement ndo_sk_get_slave Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 4/8] net/bonding: Take update_features call out of XFRM funciton Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 5/8] net/bonding: Implement TLS TX device offload Tariq Toukan
2021-01-17 2:54 ` Jakub Kicinski
2021-01-17 11:04 ` Tariq Toukan [this message]
2021-01-14 18:01 ` [PATCH net-next V2 6/8] net/bonding: Declare TLS RX device offload support Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 7/8] net/tls: Device offload to use lowest netdevice in chain Tariq Toukan
2021-01-14 18:01 ` [PATCH net-next V2 8/8] net/tls: Except bond interface from some TLS checks Tariq Toukan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b096ce67-f777-576e-4be5-840fb37101dc@gmail.com \
--to=ttoukan.linux@gmail.com \
--cc=andy@greyhouse.net \
--cc=borisp@nvidia.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=ivecera@redhat.com \
--cc=j.vosburgh@gmail.com \
--cc=jarod@redhat.com \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=moshe@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=tariqt@nvidia.com \
--cc=vfalico@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).