diff mbox series

[net] net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled

Message ID 20210117151538.9411-1-tariqt@nvidia.com (mailing list archive)
State Accepted
Delegated to: Netdev Maintainers
Headers show
Series [net] net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled | expand

Checks

Context Check Description
netdev/cover_letter success Link
netdev/fixes_present success Link
netdev/patch_count success Link
netdev/tree_selection success Clearly marked for net
netdev/subject_prefix success Link
netdev/cc_maintainers warning 11 maintainers not CCed: andriin@fb.com ilyal@mellanox.com ap420073@gmail.com ast@kernel.org corbet@lwn.net xiyou.wangcong@gmail.com linux-doc@vger.kernel.org bjorn@kernel.org daniel@iogearbox.net jiri@mellanox.com edumazet@google.com
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Link
netdev/module_param success Was 0 now: 0
netdev/build_32bit success Errors and warnings before: 10 this patch: 10
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/verify_fixes success Link
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 17 lines checked
netdev/build_allmodconfig_warn success Errors and warnings before: 10 this patch: 10
netdev/header_inline success Link
netdev/stable success Stable not CCed

Commit Message

Tariq Toukan Jan. 17, 2021, 3:15 p.m. UTC 
With NETIF_F_HW_TLS_RX packets are decrypted in HW. This cannot be
logically done when RXCSUM offload is off.

Fixes: 14136564c8ee ("net: Add TLS RX offload feature")
Signed-off-by: Tariq Toukan <tariqt@nvidia.com>
Reviewed-by: Boris Pismenny <borisp@nvidia.com>
---
 Documentation/networking/tls-offload.rst | 3 +++
 net/core/dev.c                           | 5 +++++
 2 files changed, 8 insertions(+)

Hi,

Please queue to -stable >= v4.19.

Thanks,
Tariq

Comments

Jakub Kicinski Jan. 20, 2021, midnight UTC | #1 
On Sun, 17 Jan 2021 17:15:38 +0200 Tariq Toukan wrote:
> With NETIF_F_HW_TLS_RX packets are decrypted in HW. This cannot be
> logically done when RXCSUM offload is off.
> 
> Fixes: 14136564c8ee ("net: Add TLS RX offload feature")
> Signed-off-by: Tariq Toukan <tariqt@nvidia.com>
> Reviewed-by: Boris Pismenny <borisp@nvidia.com>

Applied, but it's not 100% equivalent to Tx. For Rx we _can_
efficiently fall back to SW.
diff mbox series

Patch

diff --git a/Documentation/networking/tls-offload.rst b/Documentation/networking/tls-offload.rst
index 9af3334d9ad0..5f0dea3d571e 100644
--- a/Documentation/networking/tls-offload.rst
+++ b/Documentation/networking/tls-offload.rst
@@ -534,3 +534,6 @@  offload. Hence, TLS TX device feature flag requires TX csum offload being set.
 Disabling the latter implies clearing the former. Disabling TX checksum offload
 should not affect old connections, and drivers should make sure checksum
 calculation does not break for them.
+Similarly, device-offloaded TLS decryption implies doing RXCSUM. If the user
+does not want to enable RX csum offload, TLS RX device feature is disabled
+as well.
diff --git a/net/core/dev.c b/net/core/dev.c
index c360bb5367e2..a979b86dbacd 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -9672,6 +9672,11 @@  static netdev_features_t netdev_fix_features(struct net_device *dev,
 		}
 	}
 
+	if ((features & NETIF_F_HW_TLS_RX) && !(features & NETIF_F_RXCSUM)) {
+		netdev_dbg(dev, "Dropping TLS RX HW offload feature since no RXCSUM feature.\n");
+		features &= ~NETIF_F_HW_TLS_RX;
+	}
+
 	return features;
 }