From: David Miller <davem@davemloft.net>
To: vakul.garg@nxp.com
Cc: netdev@vger.kernel.org, borisp@mellanox.com,
aviadye@mellanox.com, davejwatson@fb.com, doronrk@fb.com
Subject: Re: [PATCH net-next] net/tls: Fixed race condition in async encryption
Date: Mon, 24 Sep 2018 12:26:18 -0700 (PDT) [thread overview]
Message-ID: <20180924.122618.1418901464036152090.davem@davemloft.net> (raw)
In-Reply-To: <20180924100556.11420-1-vakul.garg@nxp.com>
From: Vakul Garg <vakul.garg@nxp.com>
Date: Mon, 24 Sep 2018 15:35:56 +0530
> On processors with multi-engine crypto accelerators, it is possible that
> multiple records get encrypted in parallel and their encryption
> completion is notified to different cpus in multicore processor. This
> leads to the situation where tls_encrypt_done() starts executing in
> parallel on different cores. In current implementation, encrypted
> records are queued to tx_ready_list in tls_encrypt_done(). This requires
> addition to linked list 'tx_ready_list' to be protected. As
> tls_decrypt_done() could be executing in irq content, it is not possible
> to protect linked list addition operation using a lock.
>
> To fix the problem, we remove linked list addition operation from the
> irq context. We do tx_ready_list addition/removal operation from
> application context only and get rid of possible multiple access to
> the linked list. Before starting encryption on the record, we add it to
> the tail of tx_ready_list. To prevent tls_tx_records() from transmitting
> it, we mark the record with a new flag 'tx_ready' in 'struct tls_rec'.
> When record encryption gets completed, tls_encrypt_done() has to only
> update the 'tx_ready' flag to true & linked list add operation is not
> required.
>
> The changed logic brings some other side benefits. Since the records
> are always submitted in tls sequence number order for encryption, the
> tx_ready_list always remains sorted and addition of new records to it
> does not have to traverse the linked list.
>
> Lastly, we renamed tx_ready_list in 'struct tls_sw_context_tx' to
> 'tx_list'. This is because now, the some of the records at the tail are
> not ready to transmit.
>
> Fixes: a42055e8d2c3 ("net/tls: Add support for async encryption")
> Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Applied.
prev parent reply other threads:[~2018-09-25 1:30 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-24 10:05 [PATCH net-next] net/tls: Fixed race condition in async encryption Vakul Garg
2018-09-24 19:26 ` David Miller [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180924.122618.1418901464036152090.davem@davemloft.net \
--to=davem@davemloft.net \
--cc=aviadye@mellanox.com \
--cc=borisp@mellanox.com \
--cc=davejwatson@fb.com \
--cc=doronrk@fb.com \
--cc=netdev@vger.kernel.org \
--cc=vakul.garg@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).