[PATCH net-next v2 3/4] net/tls: Support 256 bit keys with TX device offload

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Gal Pressman <gal@nvidia.com>
To: "David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>
Cc: <netdev@vger.kernel.org>, Saeed Mahameed <saeedm@nvidia.com>,
	Tariq Toukan <tariqt@nvidia.com>,
	John Fastabend <john.fastabend@gmail.com>,
	"Boris Pismenny" <borisp@nvidia.com>,
	Gal Pressman <gal@nvidia.com>
Subject: [PATCH net-next v2 3/4] net/tls: Support 256 bit keys with TX device offload
Date: Tue, 20 Sep 2022 16:01:49 +0300	[thread overview]
Message-ID: <20220920130150.3546-4-gal@nvidia.com> (raw)
In-Reply-To: <20220920130150.3546-1-gal@nvidia.com>

Add the missing clause for 256 bit keys in tls_set_device_offload(), and
the needed adjustments in tls_device_fallback.c.

Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
Signed-off-by: Gal Pressman <gal@nvidia.com>
---
 net/tls/tls_device.c          | 6 ++++++
 net/tls/tls_device_fallback.c | 7 +++++++
 2 files changed, 13 insertions(+)

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 3f8121b8125c..a03d66046ca3 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -914,6 +914,7 @@ tls_device_reencrypt(struct sock *sk, struct tls_context *tls_ctx)
 
 	switch (tls_ctx->crypto_recv.info.cipher_type) {
 	case TLS_CIPHER_AES_GCM_128:
+	case TLS_CIPHER_AES_GCM_256:
 		break;
 	default:
 		return -EINVAL;
@@ -1111,6 +1112,11 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
 		rec_seq =
 		 ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->rec_seq;
 		break;
+	case TLS_CIPHER_AES_GCM_256:
+		iv = ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->iv;
+		rec_seq =
+		 ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->rec_seq;
+		break;
 	default:
 		rc = -EINVAL;
 		goto release_netdev;
diff --git a/net/tls/tls_device_fallback.c b/net/tls/tls_device_fallback.c
index 0d2b6518b877..cdb391a8754b 100644
--- a/net/tls/tls_device_fallback.c
+++ b/net/tls/tls_device_fallback.c
@@ -64,6 +64,7 @@ static int tls_enc_record(struct aead_request *aead_req,
 
 	switch (prot->cipher_type) {
 	case TLS_CIPHER_AES_GCM_128:
+	case TLS_CIPHER_AES_GCM_256:
 		break;
 	default:
 		return -EINVAL;
@@ -341,6 +342,9 @@ static struct sk_buff *tls_enc_skb(struct tls_context *tls_ctx,
 	case TLS_CIPHER_AES_GCM_128:
 		salt = tls_ctx->crypto_send.aes_gcm_128.salt;
 		break;
+	case TLS_CIPHER_AES_GCM_256:
+		salt = tls_ctx->crypto_send.aes_gcm_256.salt;
+		break;
 	default:
 		return NULL;
 	}
@@ -484,6 +488,9 @@ int tls_sw_fallback_init(struct sock *sk,
 	case TLS_CIPHER_AES_GCM_128:
 		key = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->key;
 		break;
+	case TLS_CIPHER_AES_GCM_256:
+		key = ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->key;
+		break;
 	default:
 		return -EINVAL;
 	}
-- 
2.25.1

next prev parent reply	other threads:[~2022-09-20 13:02 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-20 13:01 [PATCH net-next v2 0/4] Support 256 bit TLS keys with device offload Gal Pressman
2022-09-20 13:01 ` [PATCH net-next v2 1/4] net/tls: Describe ciphers sizes by const structs Gal Pressman
2022-09-20 13:01 ` [PATCH net-next v2 2/4] net/tls: Use cipher sizes structs Gal Pressman
2022-09-20 13:01 ` Gal Pressman [this message]
2022-09-20 13:01 ` [PATCH net-next v2 4/4] net/mlx5e: Support 256 bit keys with kTLS device offload Gal Pressman
2022-09-23  0:40 ` [PATCH net-next v2 0/4] Support 256 bit TLS keys with " patchwork-bot+netdevbpf

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3f8121b8125 dfblob:a03d66046ca dfblob:0d2b6518b87
dfblob:cdb391a8754 )
 OR (
bs:"[PATCH net-next v2 3/4] net/tls: Support 256 bit keys with TX device offload" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220920130150.3546-4-gal@nvidia.com \
    --to=gal@nvidia.com \
    --cc=borisp@nvidia.com \
    --cc=davem@davemloft.net \
    --cc=john.fastabend@gmail.com \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=saeedm@nvidia.com \
    --cc=tariqt@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.