On Mon, Monday, December 18, 2017 9:54 PM, Marcelo Ricardo Leitner wrote: > On Mon, Dec 18, 2017 at 01:10:33PM +0200, Ilya Lesokhin wrote: > > This patch adds a generic infrastructure to offload TLS crypto to a > > network devices. It enables the kernel TLS socket to skip encryption > > and authentication operations on the transmit side of the data path. > > Leaving those computationally expensive operations to the NIC. > > I have a hard time understanding why this was named 'tls_device' if no > net_device's are registered. > I'm not quite sure what you mean by "no net_device's are registered" Presumably you mean there is no device that implements the NETIF_F_HW_TLS_TX capability yet. I'll just say that the IPSEC device offload infrastructure was also submitted https://github.com/torvalds/linux/commit/d77e38e612a017480157fe6d2c1422f42cb5b7e3 before the first implementation https://github.com/torvalds/linux/commit/bebb23e6cb02d2fc752905e39d09ff6152852c6c
And we did provide a link to an implementation https://github.com/Mellanox/tls-offload/tree/tls_device_v3 for people who want to take a look. Unfortunately it is not ready for upstream submission yet > > + percpu_down_read(&device_offload_lock); > > + netdev = get_netdev_for_sock(sk); > > + if (!netdev) { > > + pr_err("%s: netdev not found\n", __func__); > > _ratelimit? > Thanks, we will fix it in the future.
