From patchwork Fri Jul 19 17:29:14 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jakub Kicinski <jakub.kicinski@netronome.com>
X-Patchwork-Id: 1134219
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <bpf-owner@vger.kernel.org>
X-Original-To: incoming-bpf@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-bpf@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=bpf-owner@vger.kernel.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none)
	header.from=netronome.com
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=netronome-com.20150623.gappssmtp.com
	header.i=@netronome-com.20150623.gappssmtp.com
	header.b="WLVMRXhw"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 45qyhm2M5bz9s3Z
	for <incoming-bpf@patchwork.ozlabs.org>;
	Sat, 20 Jul 2019 03:31:04 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1728578AbfGSRbD (ORCPT
	<rfc822;incoming-bpf@patchwork.ozlabs.org>);
	Fri, 19 Jul 2019 13:31:03 -0400
Received: from mail-qk1-f194.google.com ([209.85.222.194]:39826 "EHLO
	mail-qk1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1728674AbfGSRbD (ORCPT <rfc822; bpf@vger.kernel.org>);
	Fri, 19 Jul 2019 13:31:03 -0400
Received: by mail-qk1-f194.google.com with SMTP id w190so23786484qkc.6
	for <bpf@vger.kernel.org>; Fri, 19 Jul 2019 10:31:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=netronome-com.20150623.gappssmtp.com; s=20150623;
	h=from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=PxpD30bpPCGGJ4F7YV8cDsC+X9IUdttLkhSct6iN3GE=;
	b=WLVMRXhw4bFFS5WOaJgEQ+OYwCP+1ouX5JjhRqiTGoW8i5cYkGT7j+QkTRfQT0HUBZ
	9pQrIvZnThYc4EpcvS53JFuIaC1dtZV56O/BSKd9Lc6nakKbmWQRG/O3eAkkgyBI0jP9
	FKxbILueNX9+nGDlAcgy+FmraRpLeoB8OOkpCUPTCxIIAUiGjm+jLllzWD/1tvLoRUAS
	dQgMIndbLlWcLoMQ3ZdKTy+gESLRMI/2CQDd/ZMEUn7/1KYnJqFcpbkSYLs0hb5mplAe
	kZi9Vh5aB5bgU6DPraWqtWtB65jiGLhz/JV8n9z1yCyNtDTi6UTpWeTncf0RosZVj5q5
	B7FQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=PxpD30bpPCGGJ4F7YV8cDsC+X9IUdttLkhSct6iN3GE=;
	b=kOeaML/UH4NjlNQihyyv4ShHt7kO5Dx5wfSSodToBSwrqw/a4a4j0uKqpQkVsjrffm
	M9MGvSiQjujhIGrYcoi/1OsRcPkYGW3Hj2IOn0CKvFFVp80TQQs+lxZE1MpjpcLFqnbD
	tpHFzPFQWZcDLS634ogY0qJVDQwXSTP7bvlRt7K8yeOpFa1SicQax0ROvOXdut8Id7Z0
	+9Dr9pEaGuaUG2zUiODxBwxp7aknwlOqlkSAvpm2WPltUK1cq928ujqZjwtlEfjvzNYz
	YDceyobDEMTgv4m1bM9ccxHKWQoqoj+kh1/y7w5LrkHXXArkrsdnNInOu1hSazOeqqiM
	hk0g==
X-Gm-Message-State: APjAAAV3eW/zgXC5Fc+C2rBz4mEltI0/w68NzYPv0FZFm8iGZGKUbGTD
	1HIiC/0MVutdOYoCP5X2MQn6fQ==
X-Google-Smtp-Source: 
 APXvYqxulbRocYK9owq5U4idheIXNAMD7hqm01jKk/Uda1bP35Njt1tpPDu0lKN0KNeTbvB7QufVpA==
X-Received: by 2002:a37:f50f:: with SMTP id
	l15mr37721298qkk.326.1563557462184;
	Fri, 19 Jul 2019 10:31:02 -0700 (PDT)
Received: from jkicinski-Precision-T1700.netronome.com ([66.60.152.14])
	by smtp.gmail.com with ESMTPSA id
	y3sm15568509qtj.46.2019.07.19.10.31.00
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Fri, 19 Jul 2019 10:31:01 -0700 (PDT)
From: Jakub Kicinski <jakub.kicinski@netronome.com>
To: john.fastabend@gmail.com, alexei.starovoitov@gmail.com,
	daniel@iogearbox.net
Cc: edumazet@google.com, netdev@vger.kernel.org, bpf@vger.kernel.org,
	Jakub Kicinski <jakub.kicinski@netronome.com>,
	Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Subject: [PATCH bpf v4 01/14] net/tls: don't arm strparser immediately in
	tls_set_sw_offload()
Date: Fri, 19 Jul 2019 10:29:14 -0700
Message-Id: <20190719172927.18181-2-jakub.kicinski@netronome.com>
X-Mailer: git-send-email 2.21.0
In-Reply-To: <20190719172927.18181-1-jakub.kicinski@netronome.com>
References: <20190719172927.18181-1-jakub.kicinski@netronome.com>
MIME-Version: 1.0
Sender: bpf-owner@vger.kernel.org
Precedence: bulk
List-ID: <bpf.vger.kernel.org>
X-Mailing-List: bpf@vger.kernel.org

In tls_set_device_offload_rx() we prepare the software context
for RX fallback and proceed to add the connection to the device.
Unfortunately, software context prep includes arming strparser
so in case of a later error we have to release the socket lock
to call strp_done().

In preparation for not releasing the socket lock half way through
callbacks move arming strparser into a separate function.
Following patches will make use of that.

Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
---
 include/net/tls.h    |  1 +
 net/tls/tls_device.c |  1 +
 net/tls/tls_main.c   |  8 +++++---
 net/tls/tls_sw.c     | 19 ++++++++++++-------
 4 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/include/net/tls.h b/include/net/tls.h
index 584609174fe0..43f551cd508b 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -355,6 +355,7 @@ int tls_sk_attach(struct sock *sk, int optname, char __user *optval,
 		  unsigned int optlen);
 
 int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx);
+void tls_sw_strparser_arm(struct sock *sk, struct tls_context *ctx);
 int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size);
 int tls_sw_sendpage(struct sock *sk, struct page *page,
 		    int offset, size_t size, int flags);
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 7c0b2b778703..4d67d72f007c 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -1045,6 +1045,7 @@ int tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx)
 	rc = tls_set_sw_offload(sk, ctx, 0);
 	if (rc)
 		goto release_ctx;
+	tls_sw_strparser_arm(sk, ctx);
 
 	rc = netdev->tlsdev_ops->tls_dev_add(netdev, sk, TLS_OFFLOAD_CTX_DIR_RX,
 					     &ctx->crypto_recv.info,
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index 4674e57e66b0..85a9d7d57b32 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -526,6 +526,8 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
 		{
 #endif
 			rc = tls_set_sw_offload(sk, ctx, 1);
+			if (rc)
+				goto err_crypto_info;
 			conf = TLS_SW;
 		}
 	} else {
@@ -537,13 +539,13 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
 		{
 #endif
 			rc = tls_set_sw_offload(sk, ctx, 0);
+			if (rc)
+				goto err_crypto_info;
+			tls_sw_strparser_arm(sk, ctx);
 			conf = TLS_SW;
 		}
 	}
 
-	if (rc)
-		goto err_crypto_info;
-
 	if (tx)
 		ctx->tx_conf = conf;
 	else
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 53b4ad94e74a..f58a8ffc2a9c 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -2160,6 +2160,18 @@ void tls_sw_write_space(struct sock *sk, struct tls_context *ctx)
 	}
 }
 
+void tls_sw_strparser_arm(struct sock *sk, struct tls_context *tls_ctx)
+{
+	struct tls_sw_context_rx *rx_ctx = tls_sw_ctx_rx(tls_ctx);
+
+	write_lock_bh(&sk->sk_callback_lock);
+	rx_ctx->saved_data_ready = sk->sk_data_ready;
+	sk->sk_data_ready = tls_data_ready;
+	write_unlock_bh(&sk->sk_callback_lock);
+
+	strp_check_rcv(&rx_ctx->strp);
+}
+
 int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
 {
 	struct tls_context *tls_ctx = tls_get_ctx(sk);
@@ -2357,13 +2369,6 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
 		cb.parse_msg = tls_read_size;
 
 		strp_init(&sw_ctx_rx->strp, sk, &cb);
-
-		write_lock_bh(&sk->sk_callback_lock);
-		sw_ctx_rx->saved_data_ready = sk->sk_data_ready;
-		sk->sk_data_ready = tls_data_ready;
-		write_unlock_bh(&sk->sk_callback_lock);
-
-		strp_check_rcv(&sw_ctx_rx->strp);
 	}
 
 	goto out;