On Tue, Dec 19, 2017 at 03:38:16PM +0000, Ilya Lesokhin wrote:
> Tuesday, December 19, 2017 5:12 PM, Marcelo Ricardo Leitner wrote:
>
> > > I'm not quite sure what you mean by "no net_device's are registered"
> > > Presumably you mean there is no device that implements the
> > > NETIF_F_HW_TLS_TX capability yet.
> >
> > Not really. Let me try again. This patchset is using the expression
> > "tls_device".
> > When I read that, I expect a new interface type, like a tunnel, that would
> > be
> > created on top of another interface that has the offloading capability.
> > That's
> > why I'm confused. IMHO "tls_offload" is a better fit. Makes sense?
> >
>
> We don't expose a new interface. An existing netdev does the offload.
>
> The xfrm layer also calls the offload layer xfrm_device and It also doesn't
> need to
> add another interface to offload ipsec to a netdev.
Hm right, there is xfrm_dev_init() and others, but there is also
XFRM_OFFLOAD as the config define and not XFRM_DEVICE.
>
> I thought about calling it tls_hw or tls_hw_offload.
> The problem is that the important distinction here is that the
> offload is done by a netdev.
> tls_sw can also use hw offload if you have the required
> memory to memory crypto engine and crypto_alloc_aead("gcm(aes)", 0, 0);
> decides on using it.
Now I can see the confusion in both ways, thanks.
And now I don't have a preference either.
Marcelo
