From patchwork Wed Sep 26 10:52:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vakul Garg X-Patchwork-Id: 975004 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=nxp.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=nxp.com header.i=@nxp.com header.b="jp4co4Wy"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42KvtW15dnz9s89 for ; Wed, 26 Sep 2018 20:53:23 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727045AbeIZRFQ (ORCPT ); Wed, 26 Sep 2018 13:05:16 -0400 Received: from mail-db5eur01on0044.outbound.protection.outlook.com ([104.47.2.44]:27680 "EHLO EUR01-DB5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726307AbeIZRFP (ORCPT ); Wed, 26 Sep 2018 13:05:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nxp.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jrQsN1hGQ89cH66zifmCMiEUBq+s1zzGW0lvv4oxnEM=; b=jp4co4Wy2y1qJSNgfrHToHr+vWTNbeacQRe8Gn1DWuB7EYmuGjU0K1t+2ldkwZuok6pdUepK8vIS+xgqmddgI2U1JvmbOiuQoBVsrp/hOI7I2J29LQA1HlL6UCAfvS8f7wylOwRIZRvxZma/GnyuV0NwRc/CmFyjC++AibklCsE= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=vakul.garg@nxp.com; Received: from lti.ap.freescale.net (14.143.30.134) by AM0PR04MB4241.eurprd04.prod.outlook.com (2603:10a6:208:66::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.18; Wed, 26 Sep 2018 10:52:42 +0000 From: Vakul Garg To: netdev@vger.kernel.org Cc: borisp@mellanox.com, aviadye@mellanox.com, davejwatson@fb.com, davem@davemloft.net, doronrk@fb.com, Vakul Garg Subject: [PATCH net-next] tls: Remove redundant vars from tls record structure Date: Wed, 26 Sep 2018 16:22:08 +0530 Message-Id: <20180926105208.18515-1-vakul.garg@nxp.com> X-Mailer: git-send-email 2.13.6 MIME-Version: 1.0 X-Originating-IP: [14.143.30.134] X-ClientProxiedBy: MA1PR0101CA0015.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:21::25) To AM0PR04MB4241.eurprd04.prod.outlook.com (2603:10a6:208:66::27) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 9dc8034b-d0f8-45b6-0b03-08d6239e30b5 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:AM0PR04MB4241; X-Microsoft-Exchange-Diagnostics: 1; AM0PR04MB4241; 3:WgNFagoTGyryRIv07mMy6kqtbgnYWuti2heyWshqRQGWTq8tKXWu25/uZ6UpLNMKDZVDq3SzG/hBu39yYeD0E6mis7QGnyFOenAEQPyhxYOxYHcYLHQXh4EIaM1R2X4P0i6Ob/+Wn1oB0LIwZwGxVLJiBqz2/Vydoq2kn7FUDyw1jj9pnYTb1bvs7X6NhG2uz6SSsieaGGhXnEsxfYq2c+nNg/IZjrRlbNHzr5OufOFbW3Tq7tL4m0GgzXFt/nMB; 25:npAALnZGWOmckOiTciT/zI64ZbrJ93EKXha+fV5CuB7ko/ft5tKSzYJeYyqX0SuR8rm39zGe6sT2a5690w8nZtTpg7l6dtSVQLyZ7tzVEme15xUFAFYqBHCVgPJYUEPbUPVu3nd891vtifJ+sjxQeBqkG3wjnbRe2CCIeWHH7yygnPvXalFzex+rDUjZ9ljpJbM/+ihgIL+p3U+5n7Mx7DdjJV6kvfm5WZWrFoo6JftKDGvqbMx104isYosW4nIq0dxvQzVyuw1ljM/XQhVyGNQj4vHxUgoKEBmext3OYdpaxZ5eQAk3bCB7/REM/Bm1HgAFUFCxlXmlyzv7qTEpIw==; 31:r+1IE7cZvNTDfVhzEi1Xfuwg9Re6dRzjkgeREKoa79r9jHiStiRKThKDVh2IjdHT9elkSjt+7LYhReFdJ3WOJkrIhPKzkuyQrX/Ey/fysPxp9frAQnOQiFNrSLRlLHJtVBWPqUUqpEpjagDwmVqMIRxFS+SRiLsJIB8zjMeNV9QBPSkqRoSYe4cxRzR3mXh6e6Rrtcilb0xRLX5J6lgDFXtfCkfLKBS2R9tfJpxPuHk= X-MS-TrafficTypeDiagnostic: AM0PR04MB4241: X-Microsoft-Exchange-Diagnostics: 1; AM0PR04MB4241; 20:3boId+F8JYEJPVo5FR7+mwgOdoZ6qaH1C2RRZt/KXQ6XZFUvYPKX7z6vKJIO6V1FufLS1a7/2+4WlW/YfxrCKH0s+EyTHu25wRPjl8K1Xp1AYxG2Nwe9DqyMBWxD/T93qdB8yB0zQ0myFzdnPqN8vIxhwElZ2YZJdyfgfUN7JCyet24HKsh2nlni0j+hyhK5/zOwaRq+6JARuNG9SFaFdsc45YmyPd7lX8OrIHTl0JX/JDCHeRP1WwSvcIeaHE2WuqCO4MRHbWLfow7ZxdwFsooCmTNJ2bkyLftsTORwXXfpkeCGrI4F2KMw7x38TyipT6GjjCNoHWhjf+KXRqEv7/HUMxgbzcplka1Q5ZbvKsHvuQkZTXbNPN98goFH1f0OAKY86t+d8D8nGdwlcZMIvaLSGlMpRSXzMlGXaVtZzIGDHGMyWqCoT4tUKQp8lAYYPOzwaKQG4PrcAKVjMr9N9myUqXkw1m4Ia8Eq3COHv5YPmrSCij3wCwEghTbr8WZK; 4:jJRB9KkZMH9No3E9H0JQktuACEbenAxw9EJBnxwkdBXK/m0g3nAYRNZuPVdQEczLt435XQV0elSA6PbwLKy96WIK1YMU+Z2BO27JoPP9Kmf38Y3EdcFgll4sZ8sIhwxy3TM/qNFTRxWW6bCFCRaC16nzu5Q42DvSstEoSFansAczYOLjNqw70XIcSOXyuurUxc6Xc0wlG0kgl29EN3ALsRIs+l/nTgErF/geYa5bD+DNTrL2MuM7OaQXPfzQYCMjDysHe5UbQz9zIC4mQQ9+SpLIabE8Eh4/RAxinFJMKGHqQyY93OxuV7uE2MyRc/xA X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(185117386973197); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(93006095)(93001095)(10201501046)(3231355)(944501410)(52105095)(6055026)(149066)(150057)(6041310)(20161123564045)(20161123558120)(20161123562045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699051); SRVR:AM0PR04MB4241; BCL:0; PCL:0; RULEID:; SRVR:AM0PR04MB4241; X-Forefront-PRVS: 08076ABC99 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(376002)(346002)(396003)(136003)(39860400002)(189003)(199004)(305945005)(3846002)(186003)(6116002)(81156014)(50226002)(7736002)(8936002)(5660300001)(66066001)(6486002)(2351001)(5009440100003)(2361001)(478600001)(81166006)(2906002)(16526019)(106356001)(6666003)(105586002)(6916009)(26005)(1076002)(47776003)(316002)(97736004)(16586007)(14444005)(50466002)(486006)(44832011)(53936002)(48376002)(68736007)(956004)(476003)(6512007)(8676002)(4326008)(6506007)(386003)(36756003)(52116002)(51416003)(34290500001)(25786009)(2616005)(86362001)(110426005); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR04MB4241; H:lti.ap.freescale.net; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: nxp.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: 1; AM0PR04MB4241; 23:/a1jZTjq94WNYAs+BDKPAc5+u2PkSnj6dze8KsdVIN0pp6MiOhgheXoy7ICeb1V4mhVHz1RDfk9tQbDSPgktg0U8mf728V+9eLBBfHnkf/hbWKZ6c/G4V8MXENfkdIksTb972CnC5npeHdDxF3jegbeapa1RtF+YnH93ut7yfcFyDfR08CewzkvxuBrArPoPKfO9AM/d6qcDdcvW2CXLRnbFrbeWrKOowVHaJwUsbh+UvfuQJWgTYvvJ35JjOM5kzX6RpTvHBhjoyXga98NQUQNjD6s1R76FZH/h6er6l3gxdb8FX7cqtNwribaaM4RCiS3slcUj3Kuvphei0d78xcStyXVcDyl5Oy0KM3FmEKfeUrA090WP//oXybzllK/29zSAAeyJHR1w7UPRaZSu63T70o93QnbUwPI9J6GihnWGTgiy29rnjS+thor3Xthq268XO8e2FS2YZPlX256FbVeseNKhNKLuhdmi+o1IfkoM3tg35RMdjAwj9EFJF8ICeyB5xUbZGokn2aQdMczx9xrbNN5Y7zdEu8reIAzFIwidOIQOFFMNDxsdoWUNlzUPWaalwmFqOp8POI7oXOYaao+HowIkfq4pSUKGEs8h7SEftVHNRFUBBk+sQHLXIIxum8a2xo/eYGYOAcG1Fixf9tiYrnvyCrHMCp/MghClcBgWfz+sY3AC5swqzTszVuUydVVOhlFwzX/MF7kfLrfaok39+YwFIp9ab26sj/q68c/oSkt7KgwF+zNeLMHTMlgAkPxyjRLQrGfHPUzogKNjGkx27B+jpRf9bBirz5WoQ+uMryBrIYd0vd4j9Cs/ytDiv0Lf26c5rJ0Cgod6YRp8OkqJI/oQXd7+8f5FoTDKAfGW+PLEhPBhnWJMLbnXRZHWHi0kTmFYaPCXDuRtYe9Rhp1J3+hWHxhiIVSf5bq5hfpcGQ2segk2GDJcSt3f1ndaBlIlzdeqQshLDReKJ3vKkNkcjOyw8pWR0kwdfjLSCag8ISF6stHrJngNB1v2nrm7301YrFAmWm+DG52Jzu+5tPmAOZ+UPhZ89y+lTjQ6mBoebb0GMj2tZlZJ+x8P4ib0IiGvNQREs1BXqvh3qgeXRKG9fibn72q5XvaFuGgjpXFGAA8ya4SyWRMgbxuVBogdWgvpabVsET84GMEewjdfuP2EUJkCROH/GwP/CiYFktGbI6CVagAPDOlh7KTAsMxW5zbTfE1gSxxIVuVS+SU8YhZRPinC+uuW0lLNGN4cXiO+EgzDF5zLN1luPAXYYv3x054/UXQefUTuz9BvWNLWlQ== X-Microsoft-Antispam-Message-Info: Eut49MqTuHD9hRJQk9GyrONSS0lR4MSKVd7IVl2PY+fOyqL6UTKEbKLOz678cVveiVdTgMzAvkLW/gyljswIFf8prA7CuRHmR1dJdGIFjszLbmj2+QDYUXuHXCOIIoqop9Ym4GA01Tp1pX+KxNMe60wWdjLGiS+4J7CaCh5DzwnqUmlEGeJ0VI8hEkci9rLBF8XpA0qim4rHHpKQ0Hmycb6kyhMZhd71MnzlnuobaLr5OdLe1xU2IH+snXPFGe7Sp1rJEujcgRiORRE0Kt6r7vIzumG2DoSAw4KRFzvzjrhfpsgq3sCDC/P+9d43N8UU5eHg5IdNQq3kFf1hdaOAkG5bxy5YQIgb5d6JnR9cMPs= X-Microsoft-Exchange-Diagnostics: 1; AM0PR04MB4241; 6:5KC4+muNfZvcdfDm59IKn1XsXg2Y9C7gwzDLdpeiIEpF8V9bt5nrazAaL60GW2T3kZ/AG7buk+pbtvXODnxbgE9OICMv0kcAYSjJRnC0/kgWuPKYB+REAGLpMXSX8xwhHpFOp3PVS7SlQW515FpjQeJbk9F9XK2S7QI2aR9+bwl14gSr1JckawCqN+9XnvguCSL1z0wf+Q1Nn/MTDcsgSOzafLhAIe4zZtBbhR/sDPE7LLNjaDadGGNDG5lqVWgEA8fonc8ruvWd0Hn9ulW2P1eMrFdmTtCtbaqCDmXj6d5rjHL1TxAbvRjzdXcl9fWJn0RCgkVBuhnrk1inEriiSHwHvQ8/z7wbUBcrVJJ9TcRNa/70IIWxdyMdJuDYy7fd3YjjNfdQncgjxvojlovr0xKSQOuGarxTrgC94aBorLWE2hkEiEM1GmIdsAHWNSQvANOU6ZwkEgDuOielAHYNKg==; 5:y3DTv35oTSBPJosh0KoyesJ51ysk4JPZEwAFYzq+HGjcyazGz6z/yYW/PizSPUugtUbq9k52oWEmWDTLDViJmxx7dfp6yLGNK8FwtHiwhSXvtlcnOG7hXmzRMUGHvSp0WrDU5rGsE8XohzlwvRRNvM7N0Ca5akpasVXmSkS2rW4=; 7:j2PZjfhyCCjgzRZG1tMPwG3LYD4IdC35pCkNsJ5ghd6MKvXswUNNJoFrkiUfYtrGzEqY5F0ctNjdhyKMMxKO3jnJy+Zxva90texl5NU1VNOS5CTe1m2ygd1zf36FDKlz8HidfKxE87ALdmu1ALeVhWLneKZPOqRuSUHBEB2eqfsi7kckHH719t9WE67+9t4oJiZF/r2F1t9AVvSYUb5bNzrQIl6QGPhoNcQgN0HksNJU7KGzLiLIX3yAyYLB+h3f SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: nxp.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Sep 2018 10:52:42.6604 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9dc8034b-d0f8-45b6-0b03-08d6239e30b5 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 686ea1d3-bc2b-4c6f-a92c-d99c5c301635 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR04MB4241 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Structure 'tls_rec' contains sg_aead_in and sg_aead_out which point to a aad_space and then chain scatterlists sg_plaintext_data, sg_encrypted_data respectively. Rather than using chained scatterlists for plaintext and encrypted data in aead_req, it is efficient to store aad_space in sg_encrypted_data and sg_plaintext_data itself in the first index and get rid of sg_aead_in, sg_aead_in and further chaining. This requires increasing size of sg_encrypted_data & sg_plaintext_data arrarys by 1 to accommodate entry for aad_space. The code which uses sg_encrypted_data and sg_plaintext_data has been modified to skip first index as it points to aad_space. Signed-off-by: Vakul Garg --- include/net/tls.h | 6 ++-- net/tls/tls_sw.c | 92 ++++++++++++++++++++++++++----------------------------- 2 files changed, 45 insertions(+), 53 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index 1615fb5ea114..262420cdad10 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -101,13 +101,11 @@ struct tls_rec { struct list_head list; int tx_ready; int tx_flags; - struct scatterlist sg_plaintext_data[MAX_SKB_FRAGS]; - struct scatterlist sg_encrypted_data[MAX_SKB_FRAGS]; /* AAD | sg_plaintext_data | sg_tag */ - struct scatterlist sg_aead_in[2]; + struct scatterlist sg_plaintext_data[MAX_SKB_FRAGS + 1]; /* AAD | sg_encrypted_data (data contain overhead for hdr&iv&tag) */ - struct scatterlist sg_aead_out[2]; + struct scatterlist sg_encrypted_data[MAX_SKB_FRAGS + 1]; unsigned int sg_plaintext_size; unsigned int sg_encrypted_size; diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 4c18b4dba284..8cf7bef7c5a2 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -248,7 +248,7 @@ static void trim_both_sgl(struct sock *sk, int target_size) struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx); struct tls_rec *rec = ctx->open_rec; - trim_sg(sk, rec->sg_plaintext_data, + trim_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size, target_size); @@ -256,7 +256,7 @@ static void trim_both_sgl(struct sock *sk, int target_size) if (target_size > 0) target_size += tls_ctx->tx.overhead_size; - trim_sg(sk, rec->sg_encrypted_data, + trim_sg(sk, &rec->sg_encrypted_data[1], &rec->sg_encrypted_num_elem, &rec->sg_encrypted_size, target_size); @@ -270,12 +270,13 @@ static int alloc_encrypted_sg(struct sock *sk, int len) int rc = 0; rc = sk_alloc_sg(sk, len, - rec->sg_encrypted_data, 0, + &rec->sg_encrypted_data[1], 0, &rec->sg_encrypted_num_elem, &rec->sg_encrypted_size, 0); if (rc == -ENOSPC) - rec->sg_encrypted_num_elem = ARRAY_SIZE(rec->sg_encrypted_data); + rec->sg_encrypted_num_elem = + ARRAY_SIZE(rec->sg_encrypted_data) - 1; return rc; } @@ -287,12 +288,15 @@ static int alloc_plaintext_sg(struct sock *sk, int len) struct tls_rec *rec = ctx->open_rec; int rc = 0; - rc = sk_alloc_sg(sk, len, rec->sg_plaintext_data, 0, - &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size, + rc = sk_alloc_sg(sk, len, + &rec->sg_plaintext_data[1], 0, + &rec->sg_plaintext_num_elem, + &rec->sg_plaintext_size, tls_ctx->pending_open_record_frags); if (rc == -ENOSPC) - rec->sg_plaintext_num_elem = ARRAY_SIZE(rec->sg_plaintext_data); + rec->sg_plaintext_num_elem = + ARRAY_SIZE(rec->sg_plaintext_data) - 1; return rc; } @@ -320,11 +324,11 @@ static void tls_free_open_rec(struct sock *sk) if (!rec) return; - free_sg(sk, rec->sg_encrypted_data, + free_sg(sk, &rec->sg_encrypted_data[1], &rec->sg_encrypted_num_elem, &rec->sg_encrypted_size); - free_sg(sk, rec->sg_plaintext_data, + free_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size); @@ -355,7 +359,7 @@ int tls_tx_records(struct sock *sk, int flags) * Remove the head of tx_list */ list_del(&rec->list); - free_sg(sk, rec->sg_plaintext_data, + free_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size); kfree(rec); @@ -370,13 +374,13 @@ int tls_tx_records(struct sock *sk, int flags) tx_flags = flags; rc = tls_push_sg(sk, tls_ctx, - &rec->sg_encrypted_data[0], + &rec->sg_encrypted_data[1], 0, tx_flags); if (rc) goto tx_err; list_del(&rec->list); - free_sg(sk, rec->sg_plaintext_data, + free_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size); @@ -405,16 +409,12 @@ static void tls_encrypt_done(struct crypto_async_request *req, int err) rec = container_of(aead_req, struct tls_rec, aead_req); - rec->sg_encrypted_data[0].offset -= tls_ctx->tx.prepend_size; - rec->sg_encrypted_data[0].length += tls_ctx->tx.prepend_size; + rec->sg_encrypted_data[1].offset -= tls_ctx->tx.prepend_size; + rec->sg_encrypted_data[1].length += tls_ctx->tx.prepend_size; - /* Free the record if error is previously set on socket */ + /* Check if error is previously set on socket */ if (err || sk->sk_err) { - free_sg(sk, rec->sg_encrypted_data, - &rec->sg_encrypted_num_elem, &rec->sg_encrypted_size); - - kfree(rec); rec = NULL; /* If err is already set on socket, return the same code */ @@ -449,7 +449,7 @@ static void tls_encrypt_done(struct crypto_async_request *req, int err) /* Schedule the transmission */ if (!test_and_set_bit(BIT_TX_SCHEDULED, &ctx->tx_bitmask)) - schedule_delayed_work(&ctx->tx_work.work, 1); + schedule_delayed_work(&ctx->tx_work.work, 2); } static int tls_do_encryption(struct sock *sk, @@ -461,13 +461,14 @@ static int tls_do_encryption(struct sock *sk, struct tls_rec *rec = ctx->open_rec; int rc; - rec->sg_encrypted_data[0].offset += tls_ctx->tx.prepend_size; - rec->sg_encrypted_data[0].length -= tls_ctx->tx.prepend_size; + /* Skip the first index as it contains AAD data */ + rec->sg_encrypted_data[1].offset += tls_ctx->tx.prepend_size; + rec->sg_encrypted_data[1].length -= tls_ctx->tx.prepend_size; aead_request_set_tfm(aead_req, ctx->aead_send); aead_request_set_ad(aead_req, TLS_AAD_SPACE_SIZE); - aead_request_set_crypt(aead_req, rec->sg_aead_in, - rec->sg_aead_out, + aead_request_set_crypt(aead_req, rec->sg_plaintext_data, + rec->sg_encrypted_data, data_len, tls_ctx->tx.iv); aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG, @@ -480,8 +481,8 @@ static int tls_do_encryption(struct sock *sk, rc = crypto_aead_encrypt(aead_req); if (!rc || rc != -EINPROGRESS) { atomic_dec(&ctx->encrypt_pending); - rec->sg_encrypted_data[0].offset -= tls_ctx->tx.prepend_size; - rec->sg_encrypted_data[0].length += tls_ctx->tx.prepend_size; + rec->sg_encrypted_data[1].offset -= tls_ctx->tx.prepend_size; + rec->sg_encrypted_data[1].length += tls_ctx->tx.prepend_size; } if (!rc) { @@ -512,16 +513,16 @@ static int tls_push_record(struct sock *sk, int flags, rec->tx_flags = flags; req = &rec->aead_req; - sg_mark_end(rec->sg_plaintext_data + rec->sg_plaintext_num_elem - 1); - sg_mark_end(rec->sg_encrypted_data + rec->sg_encrypted_num_elem - 1); + sg_mark_end(rec->sg_plaintext_data + rec->sg_plaintext_num_elem); + sg_mark_end(rec->sg_encrypted_data + rec->sg_encrypted_num_elem); tls_make_aad(rec->aad_space, rec->sg_plaintext_size, tls_ctx->tx.rec_seq, tls_ctx->tx.rec_seq_size, record_type); tls_fill_prepend(tls_ctx, - page_address(sg_page(&rec->sg_encrypted_data[0])) + - rec->sg_encrypted_data[0].offset, + page_address(sg_page(&rec->sg_encrypted_data[1])) + + rec->sg_encrypted_data[1].offset, rec->sg_plaintext_size, record_type); tls_ctx->pending_open_record_frags = 0; @@ -613,7 +614,7 @@ static int memcopy_from_iter(struct sock *sk, struct iov_iter *from, struct tls_context *tls_ctx = tls_get_ctx(sk); struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx); struct tls_rec *rec = ctx->open_rec; - struct scatterlist *sg = rec->sg_plaintext_data; + struct scatterlist *sg = &rec->sg_plaintext_data[1]; int copy, i, rc = 0; for (i = tls_ctx->pending_open_record_frags; @@ -659,17 +660,10 @@ struct tls_rec *get_rec(struct sock *sk) sg_init_table(&rec->sg_encrypted_data[0], ARRAY_SIZE(rec->sg_encrypted_data)); - sg_init_table(rec->sg_aead_in, 2); - sg_set_buf(&rec->sg_aead_in[0], rec->aad_space, + sg_set_buf(&rec->sg_plaintext_data[0], rec->aad_space, sizeof(rec->aad_space)); - sg_unmark_end(&rec->sg_aead_in[1]); - sg_chain(rec->sg_aead_in, 2, rec->sg_plaintext_data); - - sg_init_table(rec->sg_aead_out, 2); - sg_set_buf(&rec->sg_aead_out[0], rec->aad_space, + sg_set_buf(&rec->sg_encrypted_data[0], rec->aad_space, sizeof(rec->aad_space)); - sg_unmark_end(&rec->sg_aead_out[1]); - sg_chain(rec->sg_aead_out, 2, rec->sg_encrypted_data); ctx->open_rec = rec; @@ -763,8 +757,8 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size) ret = zerocopy_from_iter(sk, &msg->msg_iter, try_to_copy, &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size, - rec->sg_plaintext_data, - ARRAY_SIZE(rec->sg_plaintext_data), + &rec->sg_plaintext_data[1], + ARRAY_SIZE(rec->sg_plaintext_data) - 1, true); if (ret) goto fallback_to_reg_send; @@ -781,7 +775,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size) continue; fallback_to_reg_send: - trim_sg(sk, rec->sg_plaintext_data, + trim_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size, orig_size); @@ -801,7 +795,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size) try_to_copy -= required_size - rec->sg_plaintext_size; full_record = true; - trim_sg(sk, rec->sg_encrypted_data, + trim_sg(sk, &rec->sg_encrypted_data[1], &rec->sg_encrypted_num_elem, &rec->sg_encrypted_size, rec->sg_plaintext_size + @@ -949,7 +943,7 @@ int tls_sw_sendpage(struct sock *sk, struct page *page, } get_page(page); - sg = rec->sg_plaintext_data + rec->sg_plaintext_num_elem; + sg = &rec->sg_plaintext_data[1] + rec->sg_plaintext_num_elem; sg_set_page(sg, page, copy, offset); sg_unmark_end(sg); @@ -963,7 +957,7 @@ int tls_sw_sendpage(struct sock *sk, struct page *page, if (full_record || eor || rec->sg_plaintext_num_elem == - ARRAY_SIZE(rec->sg_plaintext_data)) { + ARRAY_SIZE(rec->sg_plaintext_data) - 1) { ret = tls_push_record(sk, flags, record_type); if (ret) { if (ret == -EINPROGRESS) @@ -1571,7 +1565,7 @@ void tls_sw_free_resources_tx(struct sock *sk) rec = list_first_entry(&ctx->tx_list, struct tls_rec, list); - free_sg(sk, rec->sg_plaintext_data, + free_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size); @@ -1580,11 +1574,11 @@ void tls_sw_free_resources_tx(struct sock *sk) } list_for_each_entry_safe(rec, tmp, &ctx->tx_list, list) { - free_sg(sk, rec->sg_encrypted_data, + free_sg(sk, &rec->sg_encrypted_data[1], &rec->sg_encrypted_num_elem, &rec->sg_encrypted_size); - free_sg(sk, rec->sg_plaintext_data, + free_sg(sk, &rec->sg_plaintext_data[1], &rec->sg_plaintext_num_elem, &rec->sg_plaintext_size);