lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 26 Feb 2019 12:49:05 +0000
From:   Vakul Garg <vakul.garg@....com>
To:     Boris Pismenny <borisp@...lanox.com>,
        "aviadye@...lanox.com" <aviadye@...lanox.com>,
        "davejwatson@...com" <davejwatson@...com>,
        "john.fastabend@...il.com" <john.fastabend@...il.com>,
        "daniel@...earbox.net" <daniel@...earbox.net>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC:     "eranbe@...lanox.com" <eranbe@...lanox.com>
Subject: RE: [PATCH net 2/4] tls: Fix write space handling



> -----Original Message-----
> From: Boris Pismenny <borisp@...lanox.com>
> Sent: Tuesday, February 26, 2019 5:43 PM
> To: aviadye@...lanox.com; davejwatson@...com;
> john.fastabend@...il.com; daniel@...earbox.net; Vakul Garg
> <vakul.garg@....com>; netdev@...r.kernel.org
> Cc: eranbe@...lanox.com; borisp@...lanox.com
> Subject: [PATCH net 2/4] tls: Fix write space handling
> 
> TLS device cannot use the sw context. This patch returns the original
> tls device write space handler and moves the sw/device specific portions
> to the relevant files.
> 
> Fixes: a42055e8d2c3 ("net/tls: Add support for async encryption of records
> for performance")
> Signed-off-by: Boris Pismenny <borisp@...lanox.com>
> Reviewed-by: Eran Ben Elisha <eranbe@...lanox.com>
> ---
>  include/net/tls.h    |  3 +++
>  net/tls/tls_device.c | 16 ++++++++++++++++
>  net/tls/tls_main.c   | 17 +++++++++--------
>  net/tls/tls_sw.c     | 15 +++++++++++++++
>  4 files changed, 43 insertions(+), 8 deletions(-)
> 
> diff --git a/include/net/tls.h b/include/net/tls.h
> index a528a082da73..9d7c53737b13 100644
> --- a/include/net/tls.h
> +++ b/include/net/tls.h
> @@ -519,6 +519,9 @@ static inline bool tls_sw_has_ctx_tx(const struct sock
> *sk)
>  	return !!tls_sw_ctx_tx(ctx);
>  }
> 
> +int tls_sw_write_space(struct sock *sk, struct tls_context *ctx);
> +int tls_device_write_space(struct sock *sk, struct tls_context *ctx);
> +
>  static inline struct tls_offload_context_rx *
>  tls_offload_ctx_rx(const struct tls_context *tls_ctx)
>  {
> diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
> index 3e5e8e021a87..e8988b3f3236 100644
> --- a/net/tls/tls_device.c
> +++ b/net/tls/tls_device.c
> @@ -546,6 +546,22 @@ static int tls_device_push_pending_record(struct
> sock *sk, int flags)
>  	return tls_push_data(sk, &msg_iter, 0, flags,
> TLS_RECORD_TYPE_DATA);
>  }
> 
> +int tls_device_write_space(struct sock *sk, struct tls_context *ctx)
> +{
> +	int rc = 0;
> +
> +	if (!sk->sk_write_pending && tls_is_partially_sent_record(ctx)) {
> +		gfp_t sk_allocation = sk->sk_allocation;
> +
> +		sk->sk_allocation = GFP_ATOMIC;
> +		rc = tls_push_partial_record(sk, ctx,
> +					     MSG_DONTWAIT |
> MSG_NOSIGNAL);
> +		sk->sk_allocation = sk_allocation;
> +	}
> +
> +	return rc;
> +}
> +
>  void handle_device_resync(struct sock *sk, u32 seq, u64 rcd_sn)
>  {
>  	struct tls_context *tls_ctx = tls_get_ctx(sk);
> diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
> index 7e05af75536d..11c1980a75cb 100644
> --- a/net/tls/tls_main.c
> +++ b/net/tls/tls_main.c
> @@ -212,7 +212,7 @@ int tls_push_partial_record(struct sock *sk, struct
> tls_context *ctx,
>  static void tls_write_space(struct sock *sk)
>  {
>  	struct tls_context *ctx = tls_get_ctx(sk);
> -	struct tls_sw_context_tx *tx_ctx = tls_sw_ctx_tx(ctx);
> +	int rc;
> 
>  	/* If in_tcp_sendpages call lower protocol write space handler
>  	 * to ensure we wake up any waiting operations there. For example
> @@ -223,14 +223,15 @@ static void tls_write_space(struct sock *sk)
>  		return;
>  	}
> 
> -	/* Schedule the transmission if tx list is ready */
> -	if (is_tx_ready(tx_ctx) && !sk->sk_write_pending) {
> -		/* Schedule the transmission */
> -		if (!test_and_set_bit(BIT_TX_SCHEDULED, &tx_ctx-
> >tx_bitmask))
> -			schedule_delayed_work(&tx_ctx->tx_work.work, 0);
> -	}
> +#ifdef CONFIG_TLS_DEVICE
> +	if (ctx->tx_conf == TLS_HW)
> +		rc = tls_device_write_space(sk, ctx);
> +	else
> +#endif
> +		rc = tls_sw_write_space(sk, ctx);
> 
> -	ctx->sk_write_space(sk);
> +	if (!rc)

Why do we need to check 'rc'?

If it is required, then ' ctx->sk_write_space(sk)' can move to tls_device_write_space()
since  tls_sw_write_space() always returns '0'.

> +		ctx->sk_write_space(sk);
>  }
> 
>  static void tls_ctx_free(struct tls_context *ctx)
> diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
> index 1cc830582fa8..4afa67b00aaf 100644
> --- a/net/tls/tls_sw.c
> +++ b/net/tls/tls_sw.c
> @@ -2126,6 +2126,21 @@ static void tx_work_handler(struct work_struct
> *work)
>  	release_sock(sk);
>  }
> 
> +int tls_sw_write_space(struct sock *sk, struct tls_context *ctx)
> +{
> +	struct tls_sw_context_tx *tx_ctx = tls_sw_ctx_tx(ctx);
> +
> +	/* Schedule the transmission if tx list is ready */
> +	if (is_tx_ready(tx_ctx) && !sk->sk_write_pending) {
> +		/* Schedule the transmission */
> +		if (!test_and_set_bit(BIT_TX_SCHEDULED,
> +				      &tx_ctx->tx_bitmask))
> +			schedule_delayed_work(&tx_ctx->tx_work.work, 0);
> +	}
> +
> +	return 0;
> +}
> +
>  int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
>  {
>  	struct tls_context *tls_ctx = tls_get_ctx(sk);
> --
> 2.12.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ