On Tue, 2017-12-19 at 19:21 +0000, Ilya Lesokhin wrote: > > 1) tcp_ack() is already very expensive. > > > > I'm not sure how what we should do with that comment. We need > Some trigger to free TLS records. tcp_ack seemed like a reasonable > Trigger.
TLS records should be attached to skbs ? It seems more reasonable to free TLS when skb are freed, and not in general tcp_ack() path. > > > 2) Since you do not pass any state here, this looks very suspicious to > > me. > > > > The state we need is the acknowledged sequence and it located in the socket. > https://github.com/Mellanox/tls-offload/blob/tls_device_v3/net/tls/tls_device.c#L157 So it looks like TCP stack is bleeding all over the places ? So in the future, a change in TCP stack will have to make sure we do not break net/tls/... compilation. Not pretty.
