diff options
| author | Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-06-11 07:40:10 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-06-11 22:22:27 +0300 |
| commit | 9ed431c1d7cf8c394aa7562ca6b84f3eeb8c78a8 (patch) | |
| tree | 540add3d2e40be7263d64cde02b30a0ca8dd7cbe /drivers/net/ethernet/netronome/nfp/crypto | |
| parent | 50180074099fcda752d9d56282d23242b126ebc9 (diff) | |
| download | linux-9ed431c1d7cf8c394aa7562ca6b84f3eeb8c78a8.tar.xz | |
nfp: tls: make use of kernel-driven TX resync
When TCP stream gets out of sync (driver stops receiving skbs
with expected TCP sequence numbers) request a TX resync from
the kernel.
We try to distinguish retransmissions from missed transmissions
by comparing the sequence number to expected - if it's further
than the expected one - we probably missed packets.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net/ethernet/netronome/nfp/crypto')
| -rw-r--r-- | drivers/net/ethernet/netronome/nfp/crypto/crypto.h | 1 | ||||
| -rw-r--r-- | drivers/net/ethernet/netronome/nfp/crypto/tls.c | 21 |
2 files changed, 13 insertions, 9 deletions
diff --git a/drivers/net/ethernet/netronome/nfp/crypto/crypto.h b/drivers/net/ethernet/netronome/nfp/crypto/crypto.h index 591924ad920c..60372ddf69f0 100644 --- a/drivers/net/ethernet/netronome/nfp/crypto/crypto.h +++ b/drivers/net/ethernet/netronome/nfp/crypto/crypto.h @@ -13,7 +13,6 @@ struct nfp_net_tls_offload_ctx { */ u32 next_seq; - bool out_of_sync; }; #ifdef CONFIG_TLS_DEVICE diff --git a/drivers/net/ethernet/netronome/nfp/crypto/tls.c b/drivers/net/ethernet/netronome/nfp/crypto/tls.c index 93f87b7633b1..3ee829d69c04 100644 --- a/drivers/net/ethernet/netronome/nfp/crypto/tls.c +++ b/drivers/net/ethernet/netronome/nfp/crypto/tls.c @@ -390,25 +390,30 @@ nfp_net_tls_resync(struct net_device *netdev, struct sock *sk, u32 seq, struct nfp_net_tls_offload_ctx *ntls; struct nfp_crypto_req_update *req; struct sk_buff *skb; + gfp_t flags; - if (WARN_ON_ONCE(direction != TLS_OFFLOAD_CTX_DIR_RX)) - return; - - skb = nfp_net_tls_alloc_simple(nn, sizeof(*req), GFP_ATOMIC); + flags = direction == TLS_OFFLOAD_CTX_DIR_TX ? GFP_KERNEL : GFP_ATOMIC; + skb = nfp_net_tls_alloc_simple(nn, sizeof(*req), flags); if (!skb) return; - ntls = tls_driver_ctx(sk, TLS_OFFLOAD_CTX_DIR_RX); + ntls = tls_driver_ctx(sk, direction); req = (void *)skb->data; req->ep_id = 0; - req->opcode = NFP_NET_CRYPTO_OP_TLS_1_2_AES_GCM_128_DEC; + req->opcode = nfp_tls_1_2_dir_to_opcode(direction); memset(req->resv, 0, sizeof(req->resv)); memcpy(req->handle, ntls->fw_handle, sizeof(ntls->fw_handle)); req->tcp_seq = cpu_to_be32(seq); memcpy(req->rec_no, rcd_sn, sizeof(req->rec_no)); - nfp_ccm_mbox_post(nn, skb, NFP_CCM_TYPE_CRYPTO_UPDATE, - sizeof(struct nfp_crypto_reply_simple)); + if (direction == TLS_OFFLOAD_CTX_DIR_TX) { + nfp_net_tls_communicate_simple(nn, skb, "sync", + NFP_CCM_TYPE_CRYPTO_UPDATE); + ntls->next_seq = seq; + } else { + nfp_ccm_mbox_post(nn, skb, NFP_CCM_TYPE_CRYPTO_UPDATE, + sizeof(struct nfp_crypto_reply_simple)); + } } static const struct tlsdev_ops nfp_net_tls_ops = { |