On Thu, Oct 27, 2022 at 11:37:15AM +0200, Benny Lønstrup Ammitzbøll wrote: > Valid point, so maybe the default should be to use HW offload if the > interface supports it. However, a user may be interested in measuring the > performance gain obtained with a HW offload solution (I at least need this > in my testing) in which case the parameter is useful. In Wi-Fi cases, such a change would be done as a driver-specific configuration (e.g., nohwcrypt=1 module parameter for ath9k), i.e., there is no dynamic kernel interface for setting that when configuring encryption parameters for a specific connection. I guess someone thought this would be needed for MACsec for some reason.. I cannot really think of a real use case for that apart from either testing something or working around implementation issues (that really should be addressed by fixing those issues). I'm not against adding a test parameter for this, but it should be clearly documented as such and the default value should be to behave in the most reasonable manner for production use cases (which, I'd assume, would be to use all available hardware offloads for encryption/decryption of frames). -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap