3 files changed, 35 insertions, 28 deletions
diff --git a/include/net/tls.h b/include/net/tls.h
index 6dab6683e42f..c664e6dba0d1 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -366,13 +366,9 @@ ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos,
                           struct pipe_inode_info *pipe,
                           size_t len, unsigned int flags);
-int tls_set_device_offload(struct sock *sk, struct tls_context *ctx);
 int tls_device_sendmsg(struct sock *sk, struct msghdr *msg, size_t size);
 int tls_device_sendpage(struct sock *sk, struct page *page,
                        int offset, size_t size, int flags);
-void tls_device_free_resources_tx(struct sock *sk);
-void tls_device_init(void);
-void tls_device_cleanup(void);
 int tls_tx_records(struct sock *sk, int flags);
 struct tls_record_info *tls_get_record(struct tls_offload_context_tx *context,
@@ -649,7 +645,6 @@ int tls_proccess_cmsg(struct sock *sk, struct msghdr *msg,
                      unsigned char *record_type);
 void tls_register_device(struct tls_device *device);
 void tls_unregister_device(struct tls_device *device);
-int tls_device_decrypted(struct sock *sk, struct sk_buff *skb);
 int decrypt_skb(struct sock *sk, struct sk_buff *skb,
                struct scatterlist *sgout);
 struct sk_buff *tls_encrypt_skb(struct sk_buff *skb);
@@ -662,9 +657,40 @@ int tls_sw_fallback_init(struct sock *sk,
                         struct tls_offload_context_tx *offload_ctx,
                         struct tls_crypto_info *crypto_info);
+#ifdef CONFIG_TLS_DEVICE
+void tls_device_init(void);
+void tls_device_cleanup(void);
+int tls_set_device_offload(struct sock *sk, struct tls_context *ctx);
+void tls_device_free_resources_tx(struct sock *sk);
 int tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx);
 void tls_device_offload_cleanup_rx(struct sock *sk);
 void tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq);
+int tls_device_decrypted(struct sock *sk, struct sk_buff *skb);
+#else
+static inline void tls_device_init(void) {}
+static inline void tls_device_cleanup(void) {}
+static inline int
+tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
+{
+        return -EOPNOTSUPP;
+}
+static inline void tls_device_free_resources_tx(struct sock *sk) {}
+static inline int
+tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx)
+{
+        return -EOPNOTSUPP;
+}
+static inline void tls_device_offload_cleanup_rx(struct sock *sk) {}
+static inline void
+tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq) {}
+static inline int tls_device_decrypted(struct sock *sk, struct sk_buff *skb)
+{
+        return 0;
+}
+#endif
 #endif /* _TLS_OFFLOAD_H */
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index 2df1ae8b77fa..ac88877dcade 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -286,19 +286,14 @@ static void tls_sk_proto_cleanup(struct sock *sk,
                kfree(ctx->tx.rec_seq);
                kfree(ctx->tx.iv);
                tls_sw_release_resources_tx(sk);
-#ifdef CONFIG_TLS_DEVICE
        } else if (ctx->tx_conf == TLS_HW) {
                tls_device_free_resources_tx(sk);
-#endif
        }
        if (ctx->rx_conf == TLS_SW)
                tls_sw_release_resources_rx(sk);
+        else if (ctx->rx_conf == TLS_HW)
-#ifdef CONFIG_TLS_DEVICE
-        if (ctx->rx_conf == TLS_HW)
                tls_device_offload_cleanup_rx(sk);
-#endif
 }
 static void tls_sk_proto_close(struct sock *sk, long timeout)
@@ -537,26 +532,18 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
        }
        if (tx) {
-#ifdef CONFIG_TLS_DEVICE
                rc = tls_set_device_offload(sk, ctx);
                conf = TLS_HW;
                if (rc) {
-#else
-                {
-#endif
                        rc = tls_set_sw_offload(sk, ctx, 1);
                        if (rc)
                                goto err_crypto_info;
                        conf = TLS_SW;
                }
        } else {
-#ifdef CONFIG_TLS_DEVICE
                rc = tls_set_device_offload_rx(sk, ctx);
                conf = TLS_HW;
                if (rc) {
-#else
-                {
-#endif
                        rc = tls_set_sw_offload(sk, ctx, 0);
                        if (rc)
                                goto err_crypto_info;
@@ -920,9 +907,7 @@ static int __init tls_register(void)
        tls_sw_proto_ops = inet_stream_ops;
        tls_sw_proto_ops.splice_read = tls_sw_splice_read;
-#ifdef CONFIG_TLS_DEVICE
        tls_device_init();
-#endif
        tcp_register_ulp(&tcp_tls_ulp_ops);
        return 0;
@@ -931,9 +916,7 @@ static int __init tls_register(void)
 static void __exit tls_unregister(void)
 {
        tcp_unregister_ulp(&tcp_tls_ulp_ops);
-#ifdef CONFIG_TLS_DEVICE
        tls_device_cleanup();
-#endif
 }
 module_init(tls_register);
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 91d21b048a9b..c2b5e0d2ba1a 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1489,13 +1489,12 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
        int pad, err = 0;
        if (!ctx->decrypted) {
-#ifdef CONFIG_TLS_DEVICE
                if (tls_ctx->rx_conf == TLS_HW) {
                        err = tls_device_decrypted(sk, skb);
                        if (err < 0)
                                return err;
                }
-#endif
                /* Still not decrypted after tls_device */
                if (!ctx->decrypted) {
                        err = decrypt_internal(sk, skb, dest, NULL, chunk, zc,
@@ -2014,10 +2013,9 @@ static int tls_read_size(struct strparser *strp, struct sk_buff *skb)
                ret = -EINVAL;
                goto read_failure;
        }
-#ifdef CONFIG_TLS_DEVICE
        tls_device_rx_resync_new_rec(strp->sk, data_len + TLS_HEADER_SIZE,
                                     TCP_SKB_CB(skb)->seq + rxm->offset);
-#endif
        return data_len + TLS_HEADER_SIZE;
 read_failure:

diff --git a/include/net/tls.h b/include/net/tls.h index 6dab6683e42f..c664e6dba0d1 100644 --- a/include/net/tls.h +++ b/include/net/tls.h
@@ -366,13 +366,9 @@ ssize_t tls_sw_splice_read(struct socket sock, loff_t ppos,
366	struct pipe_inode_info *pipe,	366	struct pipe_inode_info *pipe,
367	size_t len, unsigned int flags);	367	size_t len, unsigned int flags);
368		368
369	int tls_set_device_offload(struct sock sk, struct tls_context ctx);
370	int tls_device_sendmsg(struct sock sk, struct msghdr msg, size_t size);	369	int tls_device_sendmsg(struct sock sk, struct msghdr msg, size_t size);
371	int tls_device_sendpage(struct sock sk, struct page page,	370	int tls_device_sendpage(struct sock sk, struct page page,
372	int offset, size_t size, int flags);	371	int offset, size_t size, int flags);
373	void tls_device_free_resources_tx(struct sock *sk);
374	void tls_device_init(void);
375	void tls_device_cleanup(void);
376	int tls_tx_records(struct sock *sk, int flags);	372	int tls_tx_records(struct sock *sk, int flags);
377		373
378	struct tls_record_info tls_get_record(struct tls_offload_context_tx context,	374	struct tls_record_info tls_get_record(struct tls_offload_context_tx context,
@@ -649,7 +645,6 @@ int tls_proccess_cmsg(struct sock sk, struct msghdr msg,
649	unsigned char *record_type);	645	unsigned char *record_type);
650	void tls_register_device(struct tls_device *device);	646	void tls_register_device(struct tls_device *device);
651	void tls_unregister_device(struct tls_device *device);	647	void tls_unregister_device(struct tls_device *device);
652	int tls_device_decrypted(struct sock sk, struct sk_buff skb);
653	int decrypt_skb(struct sock sk, struct sk_buff skb,	648	int decrypt_skb(struct sock sk, struct sk_buff skb,
654	struct scatterlist *sgout);	649	struct scatterlist *sgout);
655	struct sk_buff tls_encrypt_skb(struct sk_buff skb);	650	struct sk_buff tls_encrypt_skb(struct sk_buff skb);
@@ -662,9 +657,40 @@ int tls_sw_fallback_init(struct sock *sk,
662	struct tls_offload_context_tx *offload_ctx,	657	struct tls_offload_context_tx *offload_ctx,
663	struct tls_crypto_info *crypto_info);	658	struct tls_crypto_info *crypto_info);
664		659
		660	#ifdef CONFIG_TLS_DEVICE
		661	void tls_device_init(void);
		662	void tls_device_cleanup(void);
		663	int tls_set_device_offload(struct sock sk, struct tls_context ctx);
		664	void tls_device_free_resources_tx(struct sock *sk);
665	int tls_set_device_offload_rx(struct sock sk, struct tls_context ctx);	665	int tls_set_device_offload_rx(struct sock sk, struct tls_context ctx);
666
667	void tls_device_offload_cleanup_rx(struct sock *sk);	666	void tls_device_offload_cleanup_rx(struct sock *sk);
668	void tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq);	667	void tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq);
		668	int tls_device_decrypted(struct sock sk, struct sk_buff skb);
		669	#else
		670	static inline void tls_device_init(void) {}
		671	static inline void tls_device_cleanup(void) {}
669		672
		673	static inline int
		674	tls_set_device_offload(struct sock sk, struct tls_context ctx)
		675	{
		676	return -EOPNOTSUPP;
		677	}
		678
		679	static inline void tls_device_free_resources_tx(struct sock *sk) {}
		680
		681	static inline int
		682	tls_set_device_offload_rx(struct sock sk, struct tls_context ctx)
		683	{
		684	return -EOPNOTSUPP;
		685	}
		686
		687	static inline void tls_device_offload_cleanup_rx(struct sock *sk) {}
		688	static inline void
		689	tls_device_rx_resync_new_rec(struct sock *sk, u32 rcd_len, u32 seq) {}
		690
		691	static inline int tls_device_decrypted(struct sock sk, struct sk_buff skb)
		692	{
		693	return 0;
		694	}
		695	#endif
670	#endif /* _TLS_OFFLOAD_H */	696	#endif /* _TLS_OFFLOAD_H */


diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 2df1ae8b77fa..ac88877dcade 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c
@@ -286,19 +286,14 @@ static void tls_sk_proto_cleanup(struct sock *sk,
286	kfree(ctx->tx.rec_seq);	286	kfree(ctx->tx.rec_seq);
287	kfree(ctx->tx.iv);	287	kfree(ctx->tx.iv);
288	tls_sw_release_resources_tx(sk);	288	tls_sw_release_resources_tx(sk);
289	#ifdef CONFIG_TLS_DEVICE
290	} else if (ctx->tx_conf == TLS_HW) {	289	} else if (ctx->tx_conf == TLS_HW) {
291	tls_device_free_resources_tx(sk);	290	tls_device_free_resources_tx(sk);
292	#endif
293	}	291	}
294		292
295	if (ctx->rx_conf == TLS_SW)	293	if (ctx->rx_conf == TLS_SW)
296	tls_sw_release_resources_rx(sk);	294	tls_sw_release_resources_rx(sk);
297		295	else if (ctx->rx_conf == TLS_HW)
298	#ifdef CONFIG_TLS_DEVICE
299	if (ctx->rx_conf == TLS_HW)
300	tls_device_offload_cleanup_rx(sk);	296	tls_device_offload_cleanup_rx(sk);
301	#endif
302	}	297	}
303		298
304	static void tls_sk_proto_close(struct sock *sk, long timeout)	299	static void tls_sk_proto_close(struct sock *sk, long timeout)
@@ -537,26 +532,18 @@ static int do_tls_setsockopt_conf(struct sock sk, char __user optval,
537	}	532	}
538		533
539	if (tx) {	534	if (tx) {
540	#ifdef CONFIG_TLS_DEVICE
541	rc = tls_set_device_offload(sk, ctx);	535	rc = tls_set_device_offload(sk, ctx);
542	conf = TLS_HW;	536	conf = TLS_HW;
543	if (rc) {	537	if (rc) {
544	#else
545	{
546	#endif
547	rc = tls_set_sw_offload(sk, ctx, 1);	538	rc = tls_set_sw_offload(sk, ctx, 1);
548	if (rc)	539	if (rc)
549	goto err_crypto_info;	540	goto err_crypto_info;
550	conf = TLS_SW;	541	conf = TLS_SW;
551	}	542	}
552	} else {	543	} else {
553	#ifdef CONFIG_TLS_DEVICE
554	rc = tls_set_device_offload_rx(sk, ctx);	544	rc = tls_set_device_offload_rx(sk, ctx);
555	conf = TLS_HW;	545	conf = TLS_HW;
556	if (rc) {	546	if (rc) {
557	#else
558	{
559	#endif
560	rc = tls_set_sw_offload(sk, ctx, 0);	547	rc = tls_set_sw_offload(sk, ctx, 0);
561	if (rc)	548	if (rc)
562	goto err_crypto_info;	549	goto err_crypto_info;
@@ -920,9 +907,7 @@ static int __init tls_register(void)
920	tls_sw_proto_ops = inet_stream_ops;	907	tls_sw_proto_ops = inet_stream_ops;
921	tls_sw_proto_ops.splice_read = tls_sw_splice_read;	908	tls_sw_proto_ops.splice_read = tls_sw_splice_read;
922		909
923	#ifdef CONFIG_TLS_DEVICE
924	tls_device_init();	910	tls_device_init();
925	#endif
926	tcp_register_ulp(&tcp_tls_ulp_ops);	911	tcp_register_ulp(&tcp_tls_ulp_ops);
927		912
928	return 0;	913	return 0;
@@ -931,9 +916,7 @@ static int __init tls_register(void)
931	static void __exit tls_unregister(void)	916	static void __exit tls_unregister(void)
932	{	917	{
933	tcp_unregister_ulp(&tcp_tls_ulp_ops);	918	tcp_unregister_ulp(&tcp_tls_ulp_ops);
934	#ifdef CONFIG_TLS_DEVICE
935	tls_device_cleanup();	919	tls_device_cleanup();
936	#endif
937	}	920	}
938		921
939	module_init(tls_register);	922	module_init(tls_register);


diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 91d21b048a9b..c2b5e0d2ba1a 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c
@@ -1489,13 +1489,12 @@ static int decrypt_skb_update(struct sock sk, struct sk_buff skb,
1489	int pad, err = 0;	1489	int pad, err = 0;
1490		1490
1491	if (!ctx->decrypted) {	1491	if (!ctx->decrypted) {
1492	#ifdef CONFIG_TLS_DEVICE
1493	if (tls_ctx->rx_conf == TLS_HW) {	1492	if (tls_ctx->rx_conf == TLS_HW) {
1494	err = tls_device_decrypted(sk, skb);	1493	err = tls_device_decrypted(sk, skb);
1495	if (err < 0)	1494	if (err < 0)
1496	return err;	1495	return err;
1497	}	1496	}
1498	#endif	1497
1499	/* Still not decrypted after tls_device */	1498	/* Still not decrypted after tls_device */
1500	if (!ctx->decrypted) {	1499	if (!ctx->decrypted) {
1501	err = decrypt_internal(sk, skb, dest, NULL, chunk, zc,	1500	err = decrypt_internal(sk, skb, dest, NULL, chunk, zc,
@@ -2014,10 +2013,9 @@ static int tls_read_size(struct strparser strp, struct sk_buff skb)
2014	ret = -EINVAL;	2013	ret = -EINVAL;
2015	goto read_failure;	2014	goto read_failure;
2016	}	2015	}
2017	#ifdef CONFIG_TLS_DEVICE	2016
2018	tls_device_rx_resync_new_rec(strp->sk, data_len + TLS_HEADER_SIZE,	2017	tls_device_rx_resync_new_rec(strp->sk, data_len + TLS_HEADER_SIZE,
2019	TCP_SKB_CB(skb)->seq + rxm->offset);	2018	TCP_SKB_CB(skb)->seq + rxm->offset);
2020	#endif
2021	return data_len + TLS_HEADER_SIZE;	2019	return data_len + TLS_HEADER_SIZE;
2022		2020
2023	read_failure:	2021	read_failure: