| Message ID | 20201213143929.26253-1-tariqt@nvidia.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | ae0b04b238e283cafd906cdc3489cf5dc9a825cf |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net,V3] net: Disable NETIF_F_HW_TLS_TX when HW_CSUM is disabled | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for net |
| netdev/subject_prefix | success | Link |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 10 this patch: 10 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 25 lines checked |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 10 this patch: 10 |
| netdev/header_inline | success | Link |
| netdev/stable | success | Stable not CCed |
Hello: This patch was applied to netdev/net-next.git (refs/heads/master): On Sun, 13 Dec 2020 16:39:29 +0200 you wrote: > With NETIF_F_HW_TLS_TX packets are encrypted in HW. This cannot be > logically done when HW_CSUM offload is off. > > Fixes: 2342a8512a1e ("net: Add TLS TX offload features") > Signed-off-by: Tariq Toukan <tariqt@nvidia.com> > Reviewed-by: Boris Pismenny <borisp@nvidia.com> > > [...] Here is the summary with links: - [net,V3] net: Disable NETIF_F_HW_TLS_TX when HW_CSUM is disabled https://git.kernel.org/netdev/net-next/c/ae0b04b238e2 You are awesome, thank you! -- Deet-doot-dot, I am a bot. https://korg.docs.kernel.org/patchwork/pwbot.html
diff --git a/Documentation/networking/tls-offload.rst b/Documentation/networking/tls-offload.rst index 37773da2bee5..0f55c6d540f9 100644 --- a/Documentation/networking/tls-offload.rst +++ b/Documentation/networking/tls-offload.rst @@ -524,7 +524,13 @@ on TCP retransmissions to handle corner cases is not acceptable. TLS device features ------------------- -Drivers should ignore the changes to TLS the device feature flags. +Drivers should ignore the changes to the TLS device feature flags. These flags will be acted upon accordingly by the core ``ktls`` code. TLS device feature flags only control adding of new TLS connection offloads, old connections will remain active after flags are cleared. + +TLS encryption cannot be offloaded to devices without checksum calculation +offload. Hence, TLS TX device feature flag requires NETIF_F_HW_CSUM being set. +Disabling the latter implies clearing the former. Disabling TX checksum offload +should not affect old connections, and drivers should make sure checksum +calculation does not break for them. diff --git a/net/core/dev.c b/net/core/dev.c index 38412e70f761..bd06c270ad57 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -9602,6 +9602,11 @@ static netdev_features_t netdev_fix_features(struct net_device *dev, } } + if ((features & NETIF_F_HW_TLS_TX) && !(features & NETIF_F_HW_CSUM)) { + netdev_dbg(dev, "Dropping TLS TX HW offload feature since no CSUM feature.\n"); + features &= ~NETIF_F_HW_TLS_TX; + } + return features; }
With NETIF_F_HW_TLS_TX packets are encrypted in HW. This cannot be logically done when HW_CSUM offload is off. Fixes: 2342a8512a1e ("net: Add TLS TX offload features") Signed-off-by: Tariq Toukan <tariqt@nvidia.com> Reviewed-by: Boris Pismenny <borisp@nvidia.com> --- Documentation/networking/tls-offload.rst | 8 +++++++- net/core/dev.c | 5 +++++ 2 files changed, 12 insertions(+), 1 deletion(-) Hi, Please queue to -stable >= v4.18. Thanks. v3: - Describe expected behavior for already opened connections. v2: - Documented the change in tls-offload.rst.