diff options
author | Sabrina Dubroca <sd@queasysnail.net> | 2023-10-09 23:50:48 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2023-10-13 13:26:10 +0300 |
commit | 1a074f7618e8b82a7cebf45df6e005d2284446ce (patch) | |
tree | e87977b94d9aeea66d5e61670a8a42dff3520452 /net/tls | |
parent | a9937816edde95575fb777703b82f85b1d6cd5b1 (diff) | |
download | linux-1a074f7618e8b82a7cebf45df6e005d2284446ce.tar.xz |
tls: also use init_prot_info in tls_set_device_offload
Most values are shared. Nonce size turns out to be equal to IV size
for all offloadable ciphers.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tls')
-rw-r--r-- | net/tls/tls.h | 4 | ||||
-rw-r--r-- | net/tls/tls_device.c | 14 | ||||
-rw-r--r-- | net/tls/tls_sw.c | 14 |
3 files changed, 18 insertions, 14 deletions
diff --git a/net/tls/tls.h b/net/tls/tls.h index 16830aa2d6ec..756ed6cbc3df 100644 --- a/net/tls/tls.h +++ b/net/tls/tls.h @@ -142,6 +142,10 @@ void update_sk_prot(struct sock *sk, struct tls_context *ctx); int wait_on_pending_writer(struct sock *sk, long *timeo); void tls_err_abort(struct sock *sk, int err); +int init_prot_info(struct tls_prot_info *prot, + const struct tls_crypto_info *crypto_info, + const struct tls_cipher_desc *cipher_desc, + int mode); int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx); void tls_update_rx_zc_capable(struct tls_context *tls_ctx); void tls_sw_strparser_arm(struct sock *sk, struct tls_context *ctx); diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index 0981496c6294..3d73dd97e903 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -1076,20 +1076,14 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx) goto release_netdev; } + rc = init_prot_info(prot, crypto_info, cipher_desc, TLS_HW); + if (rc) + goto release_netdev; + iv = crypto_info_iv(crypto_info, cipher_desc); rec_seq = crypto_info_rec_seq(crypto_info, cipher_desc); - prot->version = crypto_info->version; - prot->cipher_type = crypto_info->cipher_type; - prot->prepend_size = TLS_HEADER_SIZE + cipher_desc->iv; - prot->tag_size = cipher_desc->tag; - prot->overhead_size = prot->prepend_size + prot->tag_size; - prot->iv_size = cipher_desc->iv; - prot->salt_size = cipher_desc->salt; - memcpy(ctx->tx.iv + cipher_desc->salt, iv, cipher_desc->iv); - - prot->rec_seq_size = cipher_desc->rec_seq; memcpy(ctx->tx.rec_seq, rec_seq, cipher_desc->rec_seq); start_marker_record = kmalloc(sizeof(*start_marker_record), GFP_KERNEL); diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index b8e89bbb4a49..0995d3d14f4b 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -2620,9 +2620,10 @@ static struct tls_sw_context_rx *init_ctx_rx(struct tls_context *ctx) return sw_ctx_rx; } -static int init_prot_info(struct tls_prot_info *prot, - const struct tls_crypto_info *crypto_info, - const struct tls_cipher_desc *cipher_desc) +int init_prot_info(struct tls_prot_info *prot, + const struct tls_crypto_info *crypto_info, + const struct tls_cipher_desc *cipher_desc, + int mode) { u16 nonce_size = cipher_desc->nonce; @@ -2635,6 +2636,11 @@ static int init_prot_info(struct tls_prot_info *prot, prot->tail_size = 0; } + if (mode == TLS_HW) { + prot->aad_size = 0; + prot->tail_size = 0; + } + /* Sanity-check the sizes for stack allocations. */ if (nonce_size > TLS_MAX_IV_SIZE || prot->aad_size > TLS_MAX_AAD_SIZE) return -EINVAL; @@ -2696,7 +2702,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) goto free_priv; } - rc = init_prot_info(prot, crypto_info, cipher_desc); + rc = init_prot_info(prot, crypto_info, cipher_desc, TLS_SW); if (rc) goto free_priv; |