tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

net/tls: remove the dead inplace_crypto code

Looks like when BPF support was added by commit d3b18ad31f93
("tls: add bpf support to sk_msg handling") and
commit d829e9c4112b ("tls: convert to generic sk_msg interface")
it broke/removed the support for in-place crypto as added by
commit 4e6d47206c32 ("tls: Add support for inplace records
encryption").

The inplace_crypto member of struct tls_rec is dead, inited
to zero, and sometimes set to zero again. It used to be
set to 1 when record was allocated, but the skmsg code doesn't
seem to have been written with the idea of in-place crypto
in mind.

Since non trivial effort is required to bring the feature back
and we don't really have the HW to measure the benefit just
remove the left over support for now to avoid confusing readers.

Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Jakub Kicinski and committed by
David S. Miller 9e5ffed3 65190f77

+1 -6
-1
include/net/tls.h
··· 100 100 struct list_head list; 101 101 int tx_ready; 102 102 int tx_flags; 103 - int inplace_crypto; 104 103 105 104 struct sk_msg msg_plaintext; 106 105 struct sk_msg msg_encrypted;
+1 -5
net/tls/tls_sw.c
··· 710 710 } 711 711 712 712 i = msg_pl->sg.start; 713 - sg_chain(rec->sg_aead_in, 2, rec->inplace_crypto ? 714 - &msg_en->sg.data[i] : &msg_pl->sg.data[i]); 713 + sg_chain(rec->sg_aead_in, 2, &msg_pl->sg.data[i]); 715 714 716 715 i = msg_en->sg.end; 717 716 sk_msg_iter_var_prev(i); ··· 975 976 if (ret) 976 977 goto fallback_to_reg_send; 977 978 978 - rec->inplace_crypto = 0; 979 - 980 979 num_zc++; 981 980 copied += try_to_copy; 982 981 ··· 1173 1176 1174 1177 tls_ctx->pending_open_record_frags = true; 1175 1178 if (full_record || eor || sk_msg_full(msg_pl)) { 1176 - rec->inplace_crypto = 0; 1177 1179 ret = bpf_exec_tx_verdict(msg_pl, sk, full_record, 1178 1180 record_type, &copied, flags); 1179 1181 if (ret) {