tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

tls: rx: factor out device darg update

I already forgot to transform darg from input to output
semantics once on the NIC inline crypto fastpath. To
avoid this happening again create a device equivalent
of decrypt_internal(). A function responsible for decryption
and transforming darg.

While at it rename decrypt_internal() to a hopefully slightly
more meaningful name.

Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Jakub Kicinski and committed by
David S. Miller 8a958732 53d57999

+41 -19
+41 -19
net/tls/tls_sw.c
··· 1404 1404 return rc; 1405 1405 } 1406 1406 1407 + /* Decrypt handlers 1408 + * 1409 + * tls_decrypt_sg() and tls_decrypt_device() are decrypt handlers. 1410 + * They must transform the darg in/out argument are as follows: 1411 + * | Input | Output 1412 + * ------------------------------------------------------------------- 1413 + * zc | Zero-copy decrypt allowed | Zero-copy performed 1414 + * async | Async decrypt allowed | Async crypto used / in progress 1415 + */ 1416 + 1407 1417 /* This function decrypts the input skb into either out_iov or in out_sg 1408 - * or in skb buffers itself. The input parameter 'zc' indicates if 1418 + * or in skb buffers itself. The input parameter 'darg->zc' indicates if 1409 1419 * zero-copy mode needs to be tried or not. With zero-copy mode, either 1410 1420 * out_iov or out_sg must be non-NULL. In case both out_iov and out_sg are 1411 1421 * NULL, then the decryption happens inside skb buffers itself, i.e. 1412 - * zero-copy gets disabled and 'zc' is updated. 1422 + * zero-copy gets disabled and 'darg->zc' is updated. 1413 1423 */ 1414 - 1415 - static int decrypt_internal(struct sock *sk, struct sk_buff *skb, 1416 - struct iov_iter *out_iov, 1417 - struct scatterlist *out_sg, 1418 - struct tls_decrypt_arg *darg) 1424 + static int tls_decrypt_sg(struct sock *sk, struct sk_buff *skb, 1425 + struct iov_iter *out_iov, 1426 + struct scatterlist *out_sg, 1427 + struct tls_decrypt_arg *darg) 1419 1428 { 1420 1429 struct tls_context *tls_ctx = tls_get_ctx(sk); 1421 1430 struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx); ··· 1565 1556 return err; 1566 1557 } 1567 1558 1559 + static int 1560 + tls_decrypt_device(struct sock *sk, struct tls_context *tls_ctx, 1561 + struct sk_buff *skb, struct tls_decrypt_arg *darg) 1562 + { 1563 + int err; 1564 + 1565 + if (tls_ctx->rx_conf != TLS_HW) 1566 + return 0; 1567 + 1568 + err = tls_device_decrypted(sk, tls_ctx, skb, strp_msg(skb)); 1569 + if (err <= 0) 1570 + return err; 1571 + 1572 + darg->zc = false; 1573 + darg->async = false; 1574 + return 1; 1575 + } 1576 + 1568 1577 static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb, 1569 1578 struct iov_iter *dest, 1570 1579 struct tls_decrypt_arg *darg) ··· 1592 1565 struct strp_msg *rxm = strp_msg(skb); 1593 1566 int pad, err; 1594 1567 1595 - if (tls_ctx->rx_conf == TLS_HW) { 1596 - err = tls_device_decrypted(sk, tls_ctx, skb, rxm); 1597 - if (err < 0) 1598 - return err; 1599 - if (err > 0) { 1600 - darg->zc = false; 1601 - darg->async = false; 1602 - goto decrypt_done; 1603 - } 1604 - } 1568 + err = tls_decrypt_device(sk, tls_ctx, skb, darg); 1569 + if (err < 0) 1570 + return err; 1571 + if (err) 1572 + goto decrypt_done; 1605 1573 1606 - err = decrypt_internal(sk, skb, dest, NULL, darg); 1574 + err = tls_decrypt_sg(sk, skb, dest, NULL, darg); 1607 1575 if (err < 0) { 1608 1576 if (err == -EBADMSG) 1609 1577 TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSDECRYPTERROR); ··· 1635 1613 { 1636 1614 struct tls_decrypt_arg darg = { .zc = true, }; 1637 1615 1638 - return decrypt_internal(sk, skb, NULL, sgout, &darg); 1616 + return tls_decrypt_sg(sk, skb, NULL, sgout, &darg); 1639 1617 } 1640 1618 1641 1619 static int tls_record_content_type(struct msghdr *msg, struct tls_msg *tlm,