| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190409152318.11155-1-atul.gupta@chelsio.com>
Date: Tue, 9 Apr 2019 08:23:18 -0700
From: Atul Gupta <atul.gupta@...lsio.com>
To: herbert@...dor.apana.org.au, davem@...emloft.net,
linux-crypto@...r.kernel.org, netdev@...r.kernel.org,
dt@...lsio.com, atul.gupta@...lsio.com
Subject: [crypto 1/4] net/tls: connect routine for Inine TLS Client
Define tls_hw_connect to allow hardware setup Inline TLS
client before TLS handshake and key program.
Signed-off-by: Atul Gupta <atul.gupta@...lsio.com>
---
include/net/tls.h | 6 ++++++
net/tls/tls_main.c | 23 +++++++++++++++++++++++
2 files changed, 29 insertions(+)
diff --git a/include/net/tls.h b/include/net/tls.h
index a5a9385..655c17e 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -77,6 +77,9 @@
* void (*unhash)(struct tls_device *device, struct sock *sk);
* This function cleans listen state set by Inline TLS driver
*
+ * int (*connect)(struct tls_device *device, struct sock *sk,
+ * struct sockaddr *uaddr, int addr_len);
+ *
* void (*release)(struct kref *kref);
* Release the registered device and allocated resources
* @kref: Number of reference to tls_device
@@ -87,6 +90,8 @@ struct tls_device {
int (*feature)(struct tls_device *device);
int (*hash)(struct tls_device *device, struct sock *sk);
void (*unhash)(struct tls_device *device, struct sock *sk);
+ int (*connect)(struct tls_device *device, struct sock *sk,
+ struct sockaddr *uaddr, int addr_len);
void (*release)(struct kref *kref);
struct kref kref;
};
@@ -264,6 +269,7 @@ struct tls_context {
int __user *optlen);
int (*hash)(struct sock *sk);
void (*unhash)(struct sock *sk);
+ int (*connect)(struct sock *sk, struct sockaddr *uaddr, int addr_len);
};
struct tls_offload_context_rx {
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index df921a2..eaf60ca 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -620,6 +620,28 @@ static void tls_hw_sk_destruct(struct sock *sk)
icsk->icsk_ulp_data = NULL;
}
+static int tls_hw_connect(struct sock *sk, struct sockaddr *uaddr,
+ int addr_len)
+{
+ struct tls_device *dev;
+ int err;
+
+ spin_lock_bh(&device_spinlock);
+ list_for_each_entry(dev, &device_list, dev_list) {
+ if (dev->connect) {
+ kref_get(&dev->kref);
+ spin_unlock_bh(&device_spinlock);
+ err = dev->connect(dev, sk, uaddr, addr_len);
+ kref_put(&dev->kref, dev->release);
+ spin_lock_bh(&device_spinlock);
+ if (!err)
+ break;
+ }
+ }
+ spin_unlock_bh(&device_spinlock);
+ return err;
+}
+
static int tls_hw_prot(struct sock *sk)
{
struct tls_context *ctx;
@@ -737,6 +759,7 @@ static void build_protos(struct proto prot[TLS_NUM_CONFIG][TLS_NUM_CONFIG],
prot[TLS_HW_RECORD][TLS_HW_RECORD] = *base;
prot[TLS_HW_RECORD][TLS_HW_RECORD].hash = tls_hw_hash;
prot[TLS_HW_RECORD][TLS_HW_RECORD].unhash = tls_hw_unhash;
+ prot[TLS_HW_RECORD][TLS_HW_RECORD].connect = tls_hw_connect;
prot[TLS_HW_RECORD][TLS_HW_RECORD].close = tls_sk_proto_close;
}
--
1.8.3.1
Powered by blists - more mailing lists