git.ipfire.org Git - thirdparty/linux.git/commit

author	Vakul Garg <vakul.garg@nxp.com>
	Sun, 30 Sep 2018 02:34:35 +0000 (08:04 +0530)
committer	David S. Miller <davem@davemloft.net>
	Wed, 3 Oct 2018 06:03:47 +0000 (23:03 -0700)
commit	4e6d47206c32d1bbb4931f1d851dae3870e0df81
tree	efd906bed8a82b51636fb5243aaeecb5b4f6aef0	tree \| snapshot
parent	6502f8562a531100028b8711f1b14b35ec6c2bcb	commit \| diff

tls: Add support for inplace records encryption

Presently, for non-zero copy case, separate pages are allocated for
storing plaintext and encrypted text of records. These pages are stored
in sg_plaintext_data and sg_encrypted_data scatterlists inside record
structure. Further, sg_plaintext_data & sg_encrypted_data are passed
to cryptoapis for record encryption. Allocating separate pages for
plaintext and encrypted text is inefficient from both required memory
and performance point of view.

This patch adds support of inplace encryption of records. For non-zero
copy case, we reuse the pages from sg_encrypted_data scatterlist to
copy the application's plaintext data. For the movement of pages from
sg_encrypted_data to sg_plaintext_data scatterlists, we introduce a new
function move_to_plaintext_sg(). This function add pages into
sg_plaintext_data from sg_encrypted_data scatterlists.

tls_do_encryption() is modified to pass the same scatterlist as both
source and destination into aead_request_set_crypt() if inplace crypto
has been enabled. A new ariable 'inplace_crypto' has been introduced in
record structure to signify whether the same scatterlist can be used.
By default, the inplace_crypto is enabled in get_rec(). If zero-copy is
used (i.e. plaintext data is not copied), inplace_crypto is set to '0'.

Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
Reviewed-by: Dave Watson <davejwatson@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/tls.h		diff \| blob \| blame \| history
net/tls/tls_sw.c		diff \| blob \| blame \| history