From: Jakub Kicinski <kuba@kernel.org>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, edumazet@google.com, pabeni@redhat.com,
sd@queasysnail.net, vadim.fedorenko@linux.dev,
Jakub Kicinski <kuba@kernel.org>,
borisp@nvidia.com, john.fastabend@gmail.com
Subject: [PATCH net 1/7] net: tls: factor out tls_*crypt_async_wait()
Date: Tue, 6 Feb 2024 17:18:18 -0800 [thread overview]
Message-ID: <20240207011824.2609030-2-kuba@kernel.org> (raw)
In-Reply-To: <20240207011824.2609030-1-kuba@kernel.org>
Factor out waiting for async encrypt and decrypt to finish.
There are already multiple copies and a subsequent fix will
need more. No functional changes.
Note that crypto_wait_req() returns wait->err
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---
CC: borisp@nvidia.com
CC: john.fastabend@gmail.com
---
net/tls/tls_sw.c | 96 +++++++++++++++++++++++-------------------------
1 file changed, 45 insertions(+), 51 deletions(-)
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 31e8a94dfc11..6a73714f34cc 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -230,6 +230,20 @@ static void tls_decrypt_done(void *data, int err)
spin_unlock_bh(&ctx->decrypt_compl_lock);
}
+static int tls_decrypt_async_wait(struct tls_sw_context_rx *ctx)
+{
+ int pending;
+
+ spin_lock_bh(&ctx->decrypt_compl_lock);
+ reinit_completion(&ctx->async_wait.completion);
+ pending = atomic_read(&ctx->decrypt_pending);
+ spin_unlock_bh(&ctx->decrypt_compl_lock);
+ if (pending)
+ crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
+
+ return ctx->async_wait.err;
+}
+
static int tls_do_decryption(struct sock *sk,
struct scatterlist *sgin,
struct scatterlist *sgout,
@@ -495,6 +509,28 @@ static void tls_encrypt_done(void *data, int err)
schedule_delayed_work(&ctx->tx_work.work, 1);
}
+static int tls_encrypt_async_wait(struct tls_sw_context_tx *ctx)
+{
+ int pending;
+
+ spin_lock_bh(&ctx->encrypt_compl_lock);
+ ctx->async_notify = true;
+
+ pending = atomic_read(&ctx->encrypt_pending);
+ spin_unlock_bh(&ctx->encrypt_compl_lock);
+ if (pending)
+ crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
+ else
+ reinit_completion(&ctx->async_wait.completion);
+
+ /* There can be no concurrent accesses, since we have no
+ * pending encrypt operations
+ */
+ WRITE_ONCE(ctx->async_notify, false);
+
+ return ctx->async_wait.err;
+}
+
static int tls_do_encryption(struct sock *sk,
struct tls_context *tls_ctx,
struct tls_sw_context_tx *ctx,
@@ -984,7 +1020,6 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
int num_zc = 0;
int orig_size;
int ret = 0;
- int pending;
if (!eor && (msg->msg_flags & MSG_EOR))
return -EINVAL;
@@ -1163,24 +1198,12 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
if (!num_async) {
goto send_end;
} else if (num_zc) {
+ int err;
+
/* Wait for pending encryptions to get completed */
- spin_lock_bh(&ctx->encrypt_compl_lock);
- ctx->async_notify = true;
-
- pending = atomic_read(&ctx->encrypt_pending);
- spin_unlock_bh(&ctx->encrypt_compl_lock);
- if (pending)
- crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
- else
- reinit_completion(&ctx->async_wait.completion);
-
- /* There can be no concurrent accesses, since we have no
- * pending encrypt operations
- */
- WRITE_ONCE(ctx->async_notify, false);
-
- if (ctx->async_wait.err) {
- ret = ctx->async_wait.err;
+ err = tls_encrypt_async_wait(ctx);
+ if (err) {
+ ret = err;
copied = 0;
}
}
@@ -1229,7 +1252,6 @@ void tls_sw_splice_eof(struct socket *sock)
ssize_t copied = 0;
bool retrying = false;
int ret = 0;
- int pending;
if (!ctx->open_rec)
return;
@@ -1264,22 +1286,7 @@ void tls_sw_splice_eof(struct socket *sock)
}
/* Wait for pending encryptions to get completed */
- spin_lock_bh(&ctx->encrypt_compl_lock);
- ctx->async_notify = true;
-
- pending = atomic_read(&ctx->encrypt_pending);
- spin_unlock_bh(&ctx->encrypt_compl_lock);
- if (pending)
- crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
- else
- reinit_completion(&ctx->async_wait.completion);
-
- /* There can be no concurrent accesses, since we have no pending
- * encrypt operations
- */
- WRITE_ONCE(ctx->async_notify, false);
-
- if (ctx->async_wait.err)
+ if (tls_encrypt_async_wait(ctx))
goto unlock;
/* Transmit if any encryptions have completed */
@@ -2109,16 +2116,10 @@ int tls_sw_recvmsg(struct sock *sk,
recv_end:
if (async) {
- int ret, pending;
+ int ret;
/* Wait for all previously submitted records to be decrypted */
- spin_lock_bh(&ctx->decrypt_compl_lock);
- reinit_completion(&ctx->async_wait.completion);
- pending = atomic_read(&ctx->decrypt_pending);
- spin_unlock_bh(&ctx->decrypt_compl_lock);
- ret = 0;
- if (pending)
- ret = crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
+ ret = tls_decrypt_async_wait(ctx);
__skb_queue_purge(&ctx->async_hold);
if (ret) {
@@ -2435,16 +2436,9 @@ void tls_sw_release_resources_tx(struct sock *sk)
struct tls_context *tls_ctx = tls_get_ctx(sk);
struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
struct tls_rec *rec, *tmp;
- int pending;
/* Wait for any pending async encryptions to complete */
- spin_lock_bh(&ctx->encrypt_compl_lock);
- ctx->async_notify = true;
- pending = atomic_read(&ctx->encrypt_pending);
- spin_unlock_bh(&ctx->encrypt_compl_lock);
-
- if (pending)
- crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
+ tls_encrypt_async_wait(ctx);
tls_tx_records(sk, -1);
--
2.43.0
next prev parent reply other threads:[~2024-02-07 1:19 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-07 1:18 [PATCH net 0/7] net: tls: fix some issues with async encryption Jakub Kicinski
2024-02-07 1:18 ` Jakub Kicinski [this message]
2024-02-09 9:23 ` [PATCH net 1/7] net: tls: factor out tls_*crypt_async_wait() Simon Horman
2024-02-10 9:08 ` Sabrina Dubroca
2024-02-07 1:18 ` [PATCH net 2/7] tls: fix race between async notify and socket close Jakub Kicinski
2024-02-09 9:24 ` Simon Horman
2024-02-09 9:47 ` Eric Dumazet
2024-02-10 9:11 ` Sabrina Dubroca
2024-02-07 1:18 ` [PATCH net 3/7] tls: fix race between tx work scheduling " Jakub Kicinski
2024-02-09 9:24 ` Simon Horman
2024-02-10 9:12 ` Sabrina Dubroca
2024-02-07 1:18 ` [PATCH net 4/7] net: tls: handle backlogging of crypto requests Jakub Kicinski
2024-02-09 9:25 ` Simon Horman
2024-02-07 1:18 ` [PATCH net 5/7] net: tls: fix use-after-free with partial reads and async decrypt Jakub Kicinski
2024-02-09 9:25 ` Simon Horman
2024-02-07 1:18 ` [PATCH net 6/7] selftests: tls: use exact comparison in recv_partial Jakub Kicinski
2024-02-09 9:25 ` Simon Horman
2024-02-07 1:18 ` [PATCH net 7/7] net: tls: fix returned read length with async decrypt Jakub Kicinski
2024-02-09 9:22 ` Simon Horman
2024-02-10 9:02 ` Sabrina Dubroca
2024-02-12 17:11 ` Jakub Kicinski
2024-02-10 9:05 ` [PATCH net 0/7] net: tls: fix some issues with async encryption Sabrina Dubroca
2024-02-10 21:40 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240207011824.2609030-2-kuba@kernel.org \
--to=kuba@kernel.org \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=john.fastabend@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sd@queasysnail.net \
--cc=vadim.fedorenko@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).