forked from Minki/linux
tls: rx: don't store the decryption status in socket context
Similar justification to previous change, the information about decryption status belongs in the skb. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
c3f6bb7413
commit
7dc59c33d6
@ -72,6 +72,7 @@ struct sk_skb_cb {
|
||||
u64 temp_reg;
|
||||
struct tls_msg {
|
||||
u8 control;
|
||||
u8 decrypted;
|
||||
} tls;
|
||||
};
|
||||
|
||||
|
@ -148,7 +148,6 @@ struct tls_sw_context_rx {
|
||||
|
||||
struct sk_buff *recv_pkt;
|
||||
u8 async_capable:1;
|
||||
u8 decrypted:1;
|
||||
atomic_t decrypt_pending;
|
||||
/* protect crypto_wait with decrypt_pending*/
|
||||
spinlock_t decrypt_compl_lock;
|
||||
|
@ -948,6 +948,7 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
|
||||
struct sk_buff *skb, struct strp_msg *rxm)
|
||||
{
|
||||
struct tls_offload_context_rx *ctx = tls_offload_ctx_rx(tls_ctx);
|
||||
struct tls_msg *tlm = tls_msg(skb);
|
||||
int is_decrypted = skb->decrypted;
|
||||
int is_encrypted = !is_decrypted;
|
||||
struct sk_buff *skb_iter;
|
||||
@ -962,7 +963,7 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
|
||||
tls_ctx->rx.rec_seq, rxm->full_len,
|
||||
is_encrypted, is_decrypted);
|
||||
|
||||
ctx->sw.decrypted |= is_decrypted;
|
||||
tlm->decrypted |= is_decrypted;
|
||||
|
||||
if (unlikely(test_bit(TLS_RX_DEV_DEGRADED, &tls_ctx->flags))) {
|
||||
if (likely(is_encrypted || is_decrypted))
|
||||
|
@ -1565,9 +1565,10 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
|
||||
struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx);
|
||||
struct tls_prot_info *prot = &tls_ctx->prot_info;
|
||||
struct strp_msg *rxm = strp_msg(skb);
|
||||
struct tls_msg *tlm = tls_msg(skb);
|
||||
int pad, err = 0;
|
||||
|
||||
if (!ctx->decrypted) {
|
||||
if (!tlm->decrypted) {
|
||||
if (tls_ctx->rx_conf == TLS_HW) {
|
||||
err = tls_device_decrypted(sk, tls_ctx, skb, rxm);
|
||||
if (err < 0)
|
||||
@ -1575,7 +1576,7 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
|
||||
}
|
||||
|
||||
/* Still not decrypted after tls_device */
|
||||
if (!ctx->decrypted) {
|
||||
if (!tlm->decrypted) {
|
||||
err = decrypt_internal(sk, skb, dest, NULL, chunk, zc,
|
||||
async);
|
||||
if (err < 0) {
|
||||
@ -1599,7 +1600,7 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
|
||||
rxm->offset += prot->prepend_size;
|
||||
rxm->full_len -= prot->overhead_size;
|
||||
tls_advance_record_sn(sk, prot, &tls_ctx->rx);
|
||||
ctx->decrypted = 1;
|
||||
tlm->decrypted = 1;
|
||||
ctx->saved_data_ready(sk);
|
||||
} else {
|
||||
*zc = false;
|
||||
@ -2144,8 +2145,9 @@ static void tls_queue(struct strparser *strp, struct sk_buff *skb)
|
||||
{
|
||||
struct tls_context *tls_ctx = tls_get_ctx(strp->sk);
|
||||
struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx);
|
||||
struct tls_msg *tlm = tls_msg(skb);
|
||||
|
||||
ctx->decrypted = 0;
|
||||
tlm->decrypted = 0;
|
||||
|
||||
ctx->recv_pkt = skb;
|
||||
strp_pause(strp);
|
||||
|
Loading…
Reference in New Issue
Block a user