net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled

Tariq Toukan · kuba-moo · commit a3eb4e9d4c92 · 2021-01-19T15:58:05.000-08:00
With NETIF_F_HW_TLS_RX packets are decrypted in HW. This cannot be logically done when RXCSUM offload is off. Fixes: 1413656 ("net: Add TLS RX offload feature") Signed-off-by: Tariq Toukan <tariqt@nvidia.com> Reviewed-by: Boris Pismenny <borisp@nvidia.com> Link: https://lore.kernel.org/r/20210117151538.9411-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
diff --git a/Documentation/networking/tls-offload.rst b/Documentation/networking/tls-offload.rst
@@ -534,3 +534,6 @@ offload. Hence, TLS TX device feature flag requires TX csum offload being set.
 Disabling the latter implies clearing the former. Disabling TX checksum offload
 should not affect old connections, and drivers should make sure checksum
 calculation does not break for them.
+Similarly, device-offloaded TLS decryption implies doing RXCSUM. If the user
+does not want to enable RX csum offload, TLS RX device feature is disabled
+as well.
diff --git a/net/core/dev.c b/net/core/dev.c
@@ -9672,6 +9672,11 @@ static netdev_features_t netdev_fix_features(struct net_device *dev,
 		}
 	}
 
+	if ((features & NETIF_F_HW_TLS_RX) && !(features & NETIF_F_RXCSUM)) {
+		netdev_dbg(dev, "Dropping TLS RX HW offload feature since no RXCSUM feature.\n");
+		features &= ~NETIF_F_HW_TLS_RX;
+	}
+
 	return features;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -9672,6 +9672,11 @@ static netdev_features_t netdev_fix_features(struct net_device *dev,`
`9672`	`9672`	`}`
`9673`	`9673`	`}`
`9674`	`9674`
	`9675`	`+ if ((features & NETIF_F_HW_TLS_RX) && !(features & NETIF_F_RXCSUM)) {`
	`9676`	`+ netdev_dbg(dev, "Dropping TLS RX HW offload feature since no RXCSUM feature.\n");`
	`9677`	`+ features &= ~NETIF_F_HW_TLS_RX;`
	`9678`	`+ }`
	`9679`	`+`
`9675`	`9680`	`return features;`
`9676`	`9681`	`}`
`9677`	`9682`