lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Oct 2022 19:57:00 -0700 From: Jakub Kicinski <kuba@...nel.org> To: Tariq Toukan <tariqt@...dia.com> Cc: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>, Boris Pismenny <borisp@...dia.com>, John Fastabend <john.fastabend@...il.com>, <netdev@...r.kernel.org>, Saeed Mahameed <saeedm@...dia.com>, Gal Pressman <gal@...dia.com>, Jay Vosburgh <j.vosburgh@...il.com>, Veaceslav Falico <vfalico@...il.com>, Andy Gospodarek <andy@...yhouse.net> Subject: Re: [PATCH net-next] bond: Disable TLS features indication On Tue, 25 Oct 2022 13:53:00 +0300 Tariq Toukan wrote: > Bond agnostically interacts with TLS device-offload requests via the > .ndo_sk_get_lower_dev operation. Return value is true iff bond > guarantees fixed mapping between the TLS connection and a lower netdev. > > Due to this nature, the bond TLS device offload features are not > explicitly controllable in the bond layer. As of today, these are > read-only values based on the evaluation of bond_sk_check(). However, > this indication might be incorrect and misleading, when the feature bits > are "fixed" by some dependency features. For example, > NETIF_F_HW_TLS_TX/RX are forcefully cleared in case the corresponding > checksum offload is disabled. But in fact the bond ability to still > offload TLS connections to the lower device is not hurt. > > This means that these bits can not be trusted, and hence better become > unused. > > This patch revives some old discussion [1] and proposes a much simpler > solution: Clear the bond's TLS features bits. Everyone should stop > reading them. Acked-by: Jakub Kicinski <kuba@...nel.org>
Powered by blists - more mailing lists