summaryrefslogtreecommitdiff
path: root/net/tls
diff options
context:
space:
mode:
authorJakub Kicinski <kuba@kernel.org>2022-04-07 20:38:23 -0700
committerDavid S. Miller <davem@davemloft.net>2022-04-08 11:49:09 +0100
commit71471ca32505afa7c3f7f6a8268716e1ddb81cd4 (patch)
tree9faa62db3ff8216e44dd951aa99780b378cef6ee /net/tls
parent3764ae5ba6615095de86698a00e814513b9ad0d5 (diff)
tls: hw: rx: use return value of tls_device_decrypted() to carry status
Instead of tls_device poking into internals of the message return 1 from tls_device_decrypted() if the device handled the decryption. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tls')
-rw-r--r--net/tls/tls_device.c7
-rw-r--r--net/tls/tls_sw.c5
2 files changed, 4 insertions, 8 deletions
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 78d979e0f298..5e4bd8ba48d3 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -948,7 +948,6 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
struct sk_buff *skb, struct strp_msg *rxm)
{
struct tls_offload_context_rx *ctx = tls_offload_ctx_rx(tls_ctx);
- struct tls_msg *tlm = tls_msg(skb);
int is_decrypted = skb->decrypted;
int is_encrypted = !is_decrypted;
struct sk_buff *skb_iter;
@@ -963,11 +962,9 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
tls_ctx->rx.rec_seq, rxm->full_len,
is_encrypted, is_decrypted);
- tlm->decrypted |= is_decrypted;
-
if (unlikely(test_bit(TLS_RX_DEV_DEGRADED, &tls_ctx->flags))) {
if (likely(is_encrypted || is_decrypted))
- return 0;
+ return is_decrypted;
/* After tls_device_down disables the offload, the next SKB will
* likely have initial fragments decrypted, and final ones not
@@ -982,7 +979,7 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
*/
if (is_decrypted) {
ctx->resync_nh_reset = 1;
- return 0;
+ return is_decrypted;
}
if (is_encrypted) {
tls_device_core_ctrl_rx_resync(tls_ctx, ctx, sk, skb);
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index e24aafb1d289..3a0a120f9c56 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1575,9 +1575,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
err = tls_device_decrypted(sk, tls_ctx, skb, rxm);
if (err < 0)
return err;
-
- /* skip SW decryption if NIC handled it already */
- if (tlm->decrypted) {
+ if (err > 0) {
+ tlm->decrypted = 1;
*zc = false;
goto decrypt_done;
}