{"id":809580,"url":"http://patchwork.ozlabs.org/api/1.0/patches/809580/?format=json","project":{"id":7,"url":"http://patchwork.ozlabs.org/api/1.0/projects/7/?format=json","name":"Linux network development","link_name":"netdev","list_id":"netdev.vger.kernel.org","list_email":"netdev@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<1504520041-55634-3-git-send-email-ilyal@mellanox.com>","date":"2017-09-04T10:14:01","name":"[v3,net-next,2/2] tls: Use correct sk->sk_prot for IPV6","commit_ref":null,"pull_url":null,"state":"changes-requested","archived":true,"hash":"32f801defd421e8af8355c61d71c925a90cb7271","submitter":{"id":67931,"url":"http://patchwork.ozlabs.org/api/1.0/people/67931/?format=json","name":"Ilya Lesokhin","email":"ilyal@mellanox.com"},"delegate":{"id":34,"url":"http://patchwork.ozlabs.org/api/1.0/users/34/?format=json","username":"davem","first_name":"David","last_name":"Miller","email":"davem@davemloft.net"},"mbox":"http://patchwork.ozlabs.org/project/netdev/patch/1504520041-55634-3-git-send-email-ilyal@mellanox.com/mbox/","series":[{"id":1344,"url":"http://patchwork.ozlabs.org/api/1.0/series/1344/?format=json","date":"2017-09-04T10:14:00","name":"Use correct sk->sk_prot for IPV6","version":3,"mbox":"http://patchwork.ozlabs.org/series/1344/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/809580/checks/","tags":{},"headers":{"Return-Path":"<netdev-owner@vger.kernel.org>","X-Original-To":"patchwork-incoming@ozlabs.org","Delivered-To":"patchwork-incoming@ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xm5L06Btgz9s7m\n\tfor <patchwork-incoming@ozlabs.org>;\n\tMon,  4 Sep 2017 20:14:16 +1000 
(AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1753473AbdIDKOK (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tMon, 4 Sep 2017 06:14:10 -0400","from mail-il-dmz.mellanox.com ([193.47.165.129]:37788 \"EHLO\n\tmellanox.co.il\" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org\n\twith ESMTP id S1753380AbdIDKOI (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Mon, 4 Sep 2017 06:14:08 -0400","from Internal Mail-Server by MTLPINE1 (envelope-from\n\tilyal@mellanox.com)\n\twith ESMTPS (AES256-SHA encrypted); 4 Sep 2017 13:14:04 +0300","from gen-l-vrt-094.mtl.labs.mlnx (gen-l-vrt-094.mtl.labs.mlnx\n\t[10.137.9.1])\n\tby labmailer.mlnx (8.13.8/8.13.8) with ESMTP id v84AE4Ac015496;\n\tMon, 4 Sep 2017 13:14:04 +0300"],"From":"Ilya Lesokhin <ilyal@mellanox.com>","To":"netdev@vger.kernel.org, davem@davemloft.net","Cc":"davejwatson@fb.com, aviadye@mellanox.com,\n\tIlya Lesokhin <ilyal@mellanox.com>, Boris Pismenny <borisp@mellanox.com>","Subject":"[PATCH v3 net-next 2/2] tls: Use correct sk->sk_prot for IPV6","Date":"Mon,  4 Sep 2017 13:14:01 +0300","Message-Id":"<1504520041-55634-3-git-send-email-ilyal@mellanox.com>","X-Mailer":"git-send-email 1.8.3.1","In-Reply-To":"<1504520041-55634-1-git-send-email-ilyal@mellanox.com>","References":"<1504520041-55634-1-git-send-email-ilyal@mellanox.com>","Sender":"netdev-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netdev.vger.kernel.org>","X-Mailing-List":"netdev@vger.kernel.org"},"content":"The tls ulp overrides sk->prot with new tls specific proto structs.\nThe tls specific structs were previously based on the ipv4 specific\ntcp_prot struct.\nAs a result, attaching the tls ulp to an ipv6 tcp socket replaced\nsome ipv6 callbacks with the ipv4 equivalents.\n\nThis patch adds ipv6 tls proto structs and uses them when\nattached to ipv6 sockets.\n\nFixes: 3c4d7559159b ('tls: kernel TLS support')\nSigned-off-by: Boris Pismenny <borisp@mellanox.com>\nSigned-off-by: Ilya Lesokhin <ilyal@mellanox.com>\n---\n 
net/tls/Kconfig    |  1 +\n net/tls/tls_main.c | 50 ++++++++++++++++++++++++++++++++++++++------------\n 2 files changed, 39 insertions(+), 12 deletions(-)","diff":"diff --git a/net/tls/Kconfig b/net/tls/Kconfig\nindex eb58303..7e9cf8b 100644\n--- a/net/tls/Kconfig\n+++ b/net/tls/Kconfig\n@@ -7,6 +7,7 @@ config TLS\n \tselect CRYPTO\n \tselect CRYPTO_AES\n \tselect CRYPTO_GCM\n+\tselect IPV6\n \tdefault n\n \t---help---\n \tEnable kernel support for TLS protocol. This allows symmetric\ndiff --git a/net/tls/tls_main.c b/net/tls/tls_main.c\nindex 60aff60..33c499e 100644\n--- a/net/tls/tls_main.c\n+++ b/net/tls/tls_main.c\n@@ -40,13 +40,25 @@\n #include <linux/sched/signal.h>\n \n #include <net/tls.h>\n+#include <net/transp_v6.h>\n \n MODULE_AUTHOR(\"Mellanox Technologies\");\n MODULE_DESCRIPTION(\"Transport Layer Security Support\");\n MODULE_LICENSE(\"Dual BSD/GPL\");\n \n-static struct proto tls_base_prot;\n-static struct proto tls_sw_prot;\n+enum {\n+\tTLSV4,\n+\tTLSV6,\n+\tTLS_NUM_PROTS,\n+};\n+\n+enum {\n+\tTLS_BASE_TX,\n+\tTLS_SW_TX,\n+\tTLS_NUM_CONFIG,\n+};\n+\n+static struct proto tls_prots[TLS_NUM_PROTS][TLS_NUM_CONFIG];\n \n int wait_on_pending_writer(struct sock *sk, long *timeo)\n {\n@@ -342,6 +354,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,\n \tstruct tls_context *ctx = tls_get_ctx(sk);\n \tstruct proto *prot = NULL;\n \tint rc = 0;\n+\tint ip_ver = sk->sk_family == AF_INET6 ? 
TLSV6 : TLSV4;\n \n \tif (!optval || (optlen < sizeof(*crypto_info))) {\n \t\trc = -EINVAL;\n@@ -396,7 +409,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval,\n \n \t/* currently SW is default, we will have ethtool in future */\n \trc = tls_set_sw_offload(sk, ctx);\n-\tprot = &tls_sw_prot;\n+\tprot = &tls_prots[ip_ver][TLS_SW_TX];\n \tif (rc)\n \t\tgoto err_crypto_info;\n \n@@ -443,6 +456,12 @@ static int tls_init(struct sock *sk)\n \tstruct inet_connection_sock *icsk = inet_csk(sk);\n \tstruct tls_context *ctx;\n \tint rc = 0;\n+\tint ip_ver = TLSV4;\n+\n+\tif (sk->sk_prot == &tcpv6_prot)\n+\t\tip_ver = TLSV6;\n+\telse if (sk->sk_prot != &tcp_prot)\n+\t\treturn -EINVAL;\n \n \t/* allocate tls context */\n \tctx = kzalloc(sizeof(*ctx), GFP_KERNEL);\n@@ -453,7 +472,8 @@ static int tls_init(struct sock *sk)\n \ticsk->icsk_ulp_data = ctx;\n \tctx->setsockopt = sk->sk_prot->setsockopt;\n \tctx->getsockopt = sk->sk_prot->getsockopt;\n-\tsk->sk_prot = &tls_base_prot;\n+\n+\tsk->sk_prot = &tls_prots[ip_ver][TLS_BASE_TX];\n out:\n \treturn rc;\n }\n@@ -464,16 +484,22 @@ static int tls_init(struct sock *sk)\n \t.init\t\t\t= tls_init,\n };\n \n+static void build_protos(struct proto *prot, struct proto *base)\n+{\n+\tprot[TLS_BASE_TX] = *base;\n+\tprot[TLS_BASE_TX].setsockopt = tls_setsockopt;\n+\tprot[TLS_BASE_TX].getsockopt = tls_getsockopt;\n+\n+\tprot[TLS_SW_TX] = prot[TLS_BASE_TX];\n+\tprot[TLS_SW_TX].close\t\t= tls_sk_proto_close;\n+\tprot[TLS_SW_TX].sendmsg\t\t= tls_sw_sendmsg;\n+\tprot[TLS_SW_TX].sendpage\t= tls_sw_sendpage;\n+}\n+\n static int __init tls_register(void)\n {\n-\ttls_base_prot\t\t\t= tcp_prot;\n-\ttls_base_prot.setsockopt\t= tls_setsockopt;\n-\ttls_base_prot.getsockopt\t= tls_getsockopt;\n-\n-\ttls_sw_prot\t\t\t= tls_base_prot;\n-\ttls_sw_prot.sendmsg\t\t= tls_sw_sendmsg;\n-\ttls_sw_prot.sendpage            = tls_sw_sendpage;\n-\ttls_sw_prot.close               = tls_sk_proto_close;\n+\tbuild_protos(tls_prots[TLSV4], 
&tcp_prot);\n+\tbuild_protos(tls_prots[TLSV6], &tcpv6_prot);\n \n \ttcp_register_ulp(&tcp_tls_ulp_ops);\n \n","prefixes":["v3","net-next","2/2"]}
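
Review bot: In the net/tls/Kconfig hunk, "select IPV6" forces the whole IPv6 stack to be built for every configuration that enables TLS, only so that the new references to tcpv6_prot in tls_init() and tls_register() resolve. Consider dropping the select and guarding the tcpv6_prot uses with IS_ENABLED(CONFIG_IPV6) instead, so that an IPv4-only kernel can still build TLS and the TLSV6 row is simply left unused there.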
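
Review bot: In the first do_tls_setsockopt_tx() hunk of net/tls/tls_main.c, ip_ver is derived from sk->sk_family == AF_INET6, while tls_init() derives it from sk->sk_prot == &tcpv6_prot, so the two paths can pick different rows of tls_prots if those two properties ever disagree for a socket. By the time setsockopt runs, sk->sk_prot already points into tls_prots and cannot be compared again, so record the row chosen in tls_init() in struct tls_context and index with that here, which keeps the base proto and the SW proto guaranteed to come from the same family.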
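
Review bot: In the first tls_init() hunk, the new "else if (sk->sk_prot != &tcp_prot) return -EINVAL;" check has no comment explaining what it rejects, and it returns directly while the rest of the function funnels through the "out:" label. A one-line comment stating that the ULP only attaches to sockets whose sk_prot is still the unmodified tcp_prot or tcpv6_prot would make the intent clear, and setting rc = -EINVAL with "goto out" would match the existing error-path style.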
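
Review bot: In the build_protos() hunk, the "prot" parameter is really one row of TLS_NUM_CONFIG entries and "base" is only read, but neither is visible from the signature "static void build_protos(struct proto *prot, struct proto *base)". Declaring it as "struct proto prot[TLS_NUM_CONFIG], const struct proto *base" documents the expected array size and prevents accidental writes to tcp_prot or tcpv6_prot through the base pointer.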