Commit 318892ac authored by Jakub Kicinski's avatar Jakub Kicinski Committed by Daniel Borkmann
Browse files

net/tls: don't arm strparser immediately in tls_set_sw_offload() 



In tls_set_device_offload_rx() we prepare the software context
for RX fallback and proceed to add the connection to the device.
Unfortunately, software context prep includes arming strparser
so in case of a later error we have to release the socket lock
to call strp_done().

In preparation for not releasing the socket lock half way through
callbacks move arming strparser into a separate function.
Following patches will make use of that.

Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: default avatarDirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
parent 1d4126c4

include/net/tls.h

+1 −0
Original line number Diff line number Diff line
@@ -355,6 +355,7 @@ int tls_sk_attach(struct sock *sk, int optname, char __user *optval, 
		  unsigned int optlen);



int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx);

void tls_sw_strparser_arm(struct sock *sk, struct tls_context *ctx);

int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size);

int tls_sw_sendpage(struct sock *sk, struct page *page,

		    int offset, size_t size, int flags);

net/tls/tls_device.c

+1 −0
Original line number Diff line number Diff line
@@ -1045,6 +1045,7 @@ int tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx) 
	rc = tls_set_sw_offload(sk, ctx, 0);

	if (rc)

		goto release_ctx;

	tls_sw_strparser_arm(sk, ctx);



	rc = netdev->tlsdev_ops->tls_dev_add(netdev, sk, TLS_OFFLOAD_CTX_DIR_RX,

					     &ctx->crypto_recv.info,

net/tls/tls_main.c

+5 −3
Original line number Diff line number Diff line
@@ -526,6 +526,8 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval, 
		{

#endif

			rc = tls_set_sw_offload(sk, ctx, 1);

			if (rc)

				goto err_crypto_info;

			conf = TLS_SW;

		}

	} else {
@@ -537,13 +539,13 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval, 
		{

#endif

			rc = tls_set_sw_offload(sk, ctx, 0);

			if (rc)

				goto err_crypto_info;

			tls_sw_strparser_arm(sk, ctx);

			conf = TLS_SW;

		}

	}



	if (rc)

		goto err_crypto_info;



	if (tx)

		ctx->tx_conf = conf;

	else

net/tls/tls_sw.c

+12 −7
Original line number Diff line number Diff line
@@ -2160,6 +2160,18 @@ void tls_sw_write_space(struct sock *sk, struct tls_context *ctx) 
	}

}



void tls_sw_strparser_arm(struct sock *sk, struct tls_context *tls_ctx)

{

	struct tls_sw_context_rx *rx_ctx = tls_sw_ctx_rx(tls_ctx);



	write_lock_bh(&sk->sk_callback_lock);

	rx_ctx->saved_data_ready = sk->sk_data_ready;

	sk->sk_data_ready = tls_data_ready;

	write_unlock_bh(&sk->sk_callback_lock);



	strp_check_rcv(&rx_ctx->strp);

}



int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)

{

	struct tls_context *tls_ctx = tls_get_ctx(sk);
@@ -2357,13 +2369,6 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) 
		cb.parse_msg = tls_read_size;



		strp_init(&sw_ctx_rx->strp, sk, &cb);



		write_lock_bh(&sk->sk_callback_lock);

		sw_ctx_rx->saved_data_ready = sk->sk_data_ready;

		sk->sk_data_ready = tls_data_ready;

		write_unlock_bh(&sk->sk_callback_lock);



		strp_check_rcv(&sw_ctx_rx->strp);

	}



	goto out;

CRA Git | Maintained and supported by SUSTech CRA and CCSE