
Commit 6d88207f authored by Ilya Lesokhin's avatar Ilya Lesokhin Committed by David S. Miller

tls: Add function to update the TLS socket configuration



The tx configuration is now stored in ctx->tx_conf,
and sk->sk_prot is updated through a function.
This will simplify things when we add rx
and support for different possible
tx and rx cross configurations.

Signed-off-by: default avatarIlya Lesokhin <ilyal@mellanox.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 61ef6da6
+2 −0
@@ -83,6 +83,8 @@ struct tls_context {

	void *priv_ctx;

	u8 tx_conf:2;

	u16 prepend_size;
	u16 tag_size;
	u16 overhead_size;
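Review bot: The added `u8 tx_conf:2;` in struct tls_context carries no comment, and the values it takes (`TLS_BASE_TX`, `TLS_SW_TX`) are declared only in the other file section of this commit, so a reader of this header cannot see that the field is an index into `tls_prots[]` used by `update_sk_prot()`. I would add `/* index into tls_prots[]: TLS_BASE_TX or TLS_SW_TX */` above it. The 2-bit width admits 0–3 while the table has `TLS_NUM_CONFIG` entries, and nothing shown ties the two together; every assignment visible here stores one of the two constants, so this is hardening rather than a present bug, but a `BUILD_BUG_ON(TLS_NUM_CONFIG > 4);` next to the enum would keep a later configuration from being truncated silently. The struct definition starts and ends outside this hunk.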
+32 −14
@@ -45,8 +45,18 @@ MODULE_AUTHOR("Mellanox Technologies");
MODULE_DESCRIPTION("Transport Layer Security Support");
MODULE_LICENSE("Dual BSD/GPL");

static struct proto tls_base_prot;
static struct proto tls_sw_prot;
enum {
	TLS_BASE_TX,
	TLS_SW_TX,
	TLS_NUM_CONFIG,
};

static struct proto tls_prots[TLS_NUM_CONFIG];

static inline void update_sk_prot(struct sock *sk, struct tls_context *ctx)
{
	sk->sk_prot = &tls_prots[ctx->tx_conf];
}

int wait_on_pending_writer(struct sock *sk, long *timeo)
{
@@ -340,8 +350,8 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,
{
	struct tls_crypto_info *crypto_info, tmp_crypto_info;
	struct tls_context *ctx = tls_get_ctx(sk);
	struct proto *prot = NULL;
	int rc = 0;
	int tx_conf;

	if (!optval || (optlen < sizeof(*crypto_info))) {
		rc = -EINVAL;
@@ -396,11 +406,12 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,

	/* currently SW is default, we will have ethtool in future */
	rc = tls_set_sw_offload(sk, ctx);
	prot = &tls_sw_prot;
	tx_conf = TLS_SW_TX;
	if (rc)
		goto err_crypto_info;

	sk->sk_prot = prot;
	ctx->tx_conf = tx_conf;
	update_sk_prot(sk, ctx);
	goto out;

err_crypto_info:
@@ -453,7 +464,9 @@ static int tls_init(struct sock *sk)
	icsk->icsk_ulp_data = ctx;
	ctx->setsockopt = sk->sk_prot->setsockopt;
	ctx->getsockopt = sk->sk_prot->getsockopt;
	sk->sk_prot = &tls_base_prot;

	ctx->tx_conf = TLS_BASE_TX;
	update_sk_prot(sk, ctx);
out:
	return rc;
}
@@ -464,16 +477,21 @@ static struct tcp_ulp_ops tcp_tls_ulp_ops __read_mostly = {
	.init			= tls_init,
};

static void build_protos(struct proto *prot, struct proto *base)
{
	prot[TLS_BASE_TX] = *base;
	prot[TLS_BASE_TX].setsockopt = tls_setsockopt;
	prot[TLS_BASE_TX].getsockopt = tls_getsockopt;

	prot[TLS_SW_TX] = prot[TLS_BASE_TX];
	prot[TLS_SW_TX].close		= tls_sk_proto_close;
	prot[TLS_SW_TX].sendmsg		= tls_sw_sendmsg;
	prot[TLS_SW_TX].sendpage	= tls_sw_sendpage;
}

static int __init tls_register(void)
{
	tls_base_prot			= tcp_prot;
	tls_base_prot.setsockopt	= tls_setsockopt;
	tls_base_prot.getsockopt	= tls_getsockopt;

	tls_sw_prot			= tls_base_prot;
	tls_sw_prot.sendmsg		= tls_sw_sendmsg;
	tls_sw_prot.sendpage            = tls_sw_sendpage;
	tls_sw_prot.close               = tls_sk_proto_close;
	build_protos(tls_prots, &tcp_prot);

	tcp_register_ulp(&tcp_tls_ulp_ops);