From mboxrd@z Thu Jan 1 00:00:00 1970 From: Boris Pismenny Subject: RE: [PATCH v3 net-next 0/6] tls: Add generic NIC offload infrastructure Date: Wed, 20 Dec 2017 08:28:03 +0000 Message-ID: References: <20171218111033.13256-1-ilyal@mellanox.com> <20171218171010.GB6823@nanopsycho> <20171219103010.GC1928@nanopsycho> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Cc: "netdev@vger.kernel.org" , "davem@davemloft.net" , "davejwatson@fb.com" , "tom@herbertland.com" , "hannes@stressinduktion.org" , Aviad Yehezkel , "Liran Liss" To: Jiri Pirko , Ilya Lesokhin Return-path: Received: from mail-eopbgr50086.outbound.protection.outlook.com ([40.107.5.86]:2513 "EHLO EUR03-VE1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932185AbdLTI2G (ORCPT ); Wed, 20 Dec 2017 03:28:06 -0500 In-Reply-To: <20171219103010.GC1928@nanopsycho> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: > Tue, Dec 19, 2017 at 01:10:10AM CET, jiri@resnulli.us wrote: >=20 > Mon, Dec 18, 2017 at 06:10:10PM CET, jiri@resnulli.us wrote: > >Mon, Dec 18, 2017 at 12:10:27PM CET, ilyal@mellanox.com wrote: > >>Changes from v2: > >>- Fix sk use after free and possible netdev use after free > >>- tls device now keeps a refernce on the offloading netdev > >>- tls device registers to the netdev notifer. > >> Upon a NETDEV_DOWN event, offload is stopped and > >> the reference on the netdev is dropped. > >>- SW fallback support for skb->ip_summed !=3D CHECKSUM_PARTIAL > >>- Merged TLS patches are no longer part of this series. > >> > >>Changes from v1: > >>- Remove the binding of the socket to a specific netdev > >> through sk->sk_bound_dev_if. > >> Add a check in validate_xmit_skb to detect route changes > >> and call SW fallback code to do the crypto in software. > >>- tls_get_record now returns the tls record sequence number. > >> This is required to support connections with rcd_sn !=3D iv. > >>- Bug fixes to the TLS code. > >> > >>This patchset adds a generic infrastructure to offload TLS crypto to a > >>network devices. > >> > >>patches 1-2 Export functions that we need patch 3 adds infrastructue > >>for offloaded socket fallback patches 4-5 add new NDOs and > >>capabilities. > >>patch 6 adds the TLS NIC offload infrastructure. > >> > >>Github with mlx5e TLS offload support: > >>https://emea01.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2F > git > >>hub.com%2FMellanox%2Ftls- > offload%2Ftree%2Ftls_device_v3&data=3D02%7C01%7 > >>Cborisp%40mellanox.com%7C5aebe81262554f40221908d546cb7c37%7Ca6 > 52971c7d > >>2e4d9ba6a4d149256f461b%7C0%7C0%7C636492762141202894&sdata=3DgYY > DEmspNfBs > >>aQhefcEojl456L9eWqZnEEI7iPCT0NA%3D&reserved=3D0 > > > >I don't get it. You are pushing infra but not the actual driver part > >who is consuming the infra? Why? >=20 > Okay. Since the driver that uses the API introduced by this patchset is > missing, this patchset should be marked as RFC. >=20 > Dave, I see that you were about to apply v2. I'm sure you missed this. > Thanks. Isn't this a chicken and egg problem, where something must come first, driver or infra. Unless we combine the infra patches with mlx5 driver code and submit both in a single pull request. Here, we assumed that the infra goes first, and we will submit the driver soon after. We could submit the driver first instead. Dave, would you prefer to get the driver patches that use this infra before the infra?