On Tue, Jun 06, 2017 at 03:01:51PM -0400, David Miller wrote: > From: Alexei Starovoitov <alexei.starovoi...@gmail.com> > Date: Tue, 6 Jun 2017 11:55:33 -0700 > > > If in the future mlx will make it into the nic in a way that > > encryption shares all memory management logic and there is no fpga > > at all then it indeed will be similar to tc offload. Right now it's > > not and needs different sw architecture. > > If the visible effect is identical, I fundamentally disagree with you. > > I don't care if there is a frog sitting on the PHY that transforms > the packets, it's all the same if the visible behavior is identical.
that frog is a good example why we disagree. I need to check the pulse of that frog and last time it ate. In production I cannot have magical creatures do stuff for me. I need to monitor all components, debug and mitigate the issues. If encryption is done by the nic, I get all the monitoring and debugging as part of the standard tools. When it's a frog hidden by the nic, I cannot do much when the fire erupts, hence frog and production environment don't mix. To move things forward... how about marking the whole thing CONFIG_EXPERIMENTAL instead of revert? Right now it's effectively non-production==experimental code and I want to make it clear.
