From: Jakub Kicinski Date: Fri, 22 Jul 2022 23:50:30 +0000 (-0700) Subject: tls: rx: device: keep the zero copy status with offload X-Git-Tag: v6.6.17~6916^2~57^2~3 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d4e5db6452211467f668521f5a3bd3c3928918e1;p=platform%2Fkernel%2Flinux-rpi.git tls: rx: device: keep the zero copy status with offload The non-zero-copy path assumes a full skb with decrypted contents. This means the device offload would have to CoW the data. Try to keep the zero-copy status instead, copy the data to user space. Signed-off-by: Jakub Kicinski --- diff --git a/net/tls/tls.h b/net/tls/tls.h index 24bec1c..78c5d69 100644 --- a/net/tls/tls.h +++ b/net/tls/tls.h @@ -127,6 +127,7 @@ int tls_sw_fallback_init(struct sock *sk, struct tls_offload_context_tx *offload_ctx, struct tls_crypto_info *crypto_info); +struct sk_buff *tls_strp_msg_detach(struct tls_sw_context_rx *ctx); int tls_strp_msg_hold(struct sock *sk, struct sk_buff *skb, struct sk_buff_head *dst); diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index 9ccab79..40b1773 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -4,6 +4,15 @@ #include "tls.h" +struct sk_buff *tls_strp_msg_detach(struct tls_sw_context_rx *ctx) +{ + struct sk_buff *skb; + + skb = ctx->recv_pkt; + ctx->recv_pkt = NULL; + return skb; +} + int tls_strp_msg_hold(struct sock *sk, struct sk_buff *skb, struct sk_buff_head *dst) { diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index fe38b49a2..bd44868 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1631,8 +1631,8 @@ tls_decrypt_sw(struct sock *sk, struct tls_context *tls_ctx, } static int -tls_decrypt_device(struct sock *sk, struct tls_context *tls_ctx, - struct tls_decrypt_arg *darg) +tls_decrypt_device(struct sock *sk, struct msghdr *msg, + struct tls_context *tls_ctx, struct tls_decrypt_arg *darg) { struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx); struct tls_prot_info *prot = &tls_ctx->prot_info; @@ -1650,13 +1650,33 @@ tls_decrypt_device(struct sock *sk, struct tls_context *tls_ctx, if (pad < 0) return pad; - darg->zc = false; darg->async = false; darg->skb = tls_strp_msg(ctx); - ctx->recv_pkt = NULL; + /* ->zc downgrade check, in case TLS 1.3 gets here */ + darg->zc &= !(prot->version == TLS_1_3_VERSION && + tls_msg(darg->skb)->control != TLS_RECORD_TYPE_DATA); rxm = strp_msg(darg->skb); rxm->full_len -= pad; + + if (!darg->zc) { + /* Non-ZC case needs a real skb */ + darg->skb = tls_strp_msg_detach(ctx); + if (!darg->skb) + return -ENOMEM; + } else { + unsigned int off, len; + + /* In ZC case nobody cares about the output skb. + * Just copy the data here. Note the skb is not fully trimmed. + */ + off = rxm->offset + prot->prepend_size; + len = rxm->full_len - prot->overhead_size; + + err = skb_copy_datagram_msg(darg->skb, off, msg, len); + if (err) + return err; + } return 1; } @@ -1668,7 +1688,7 @@ static int tls_rx_one_record(struct sock *sk, struct msghdr *msg, struct strp_msg *rxm; int err; - err = tls_decrypt_device(sk, tls_ctx, darg); + err = tls_decrypt_device(sk, msg, tls_ctx, darg); if (!err) err = tls_decrypt_sw(sk, tls_ctx, msg, darg); if (err < 0)