Codebase Browser
linux
Go to App

linux/net/tls/tls_sw.c 

/*
 * Copyright (c) 2016-2017, Mellanox Technologies. All rights reserved.
 * Copyright (c) 2016-2017, Dave Watson <[email protected]>. All rights reserved.
 * Copyright (c) 2016-2017, Lance Chao <[email protected]>. All rights reserved.
 * Copyright (c) 2016, Fridolin Pokorny <[email protected]>. All rights reserved.
 * Copyright (c) 2016, Nikos Mavrogiannopoulos <[email protected]>. All rights reserved.
 * Copyright (c) 2018, Covalent IO, Inc. http://covalent.io
 *
 * This software is available to you under a choice of one of two
 * licenses.  You may choose to be licensed under the terms of the GNU
 * General Public License (GPL) Version 2, available from the file
 * COPYING in the main directory of this source tree, or the
 * OpenIB.org BSD license below:
 *
 *     Redistribution and use in source and binary forms, with or
 *     without modification, are permitted provided that the following
 *     conditions are met:
 *
 *      - Redistributions of source code must retain the above
 *        copyright notice, this list of conditions and the following
 *        disclaimer.
 *
 *      - Redistributions in binary form must reproduce the above
 *        copyright notice, this list of conditions and the following
 *        disclaimer in the documentation and/or other materials
 *        provided with the distribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

#include <linux/bug.h>
#include <linux/sched/signal.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/splice.h>
#include <crypto/aead.h>

#include <net/strparser.h>
#include <net/tls.h>
#include <trace/events/sock.h>

#include "tls.h"

struct tls_decrypt_arg {};

struct tls_decrypt_ctx {};

noinline void tls_err_abort(struct sock *sk, int err)
{}

static int __skb_nsg(struct sk_buff *skb, int offset, int len,
                     unsigned int recursion_level)
{}

/* Return the number of scatterlist elements required to completely map the
 * skb, or -EMSGSIZE if the recursion depth is exceeded.
 */
static int skb_nsg(struct sk_buff *skb, int offset, int len)
{}

static int tls_padding_length(struct tls_prot_info *prot, struct sk_buff *skb,
			      struct tls_decrypt_arg *darg)
{}

static void tls_decrypt_done(void *data, int err)
{}

static int tls_decrypt_async_wait(struct tls_sw_context_rx *ctx)
{}

static int tls_do_decryption(struct sock *sk,
			     struct scatterlist *sgin,
			     struct scatterlist *sgout,
			     char *iv_recv,
			     size_t data_len,
			     struct aead_request *aead_req,
			     struct tls_decrypt_arg *darg)
{}

static void tls_trim_both_msgs(struct sock *sk, int target_size)
{}

static int tls_alloc_encrypted_msg(struct sock *sk, int len)
{}

static int tls_clone_plaintext_msg(struct sock *sk, int required)
{}

static struct tls_rec *tls_get_rec(struct sock *sk)
{}

static void tls_free_rec(struct sock *sk, struct tls_rec *rec)
{}

static void tls_free_open_rec(struct sock *sk)
{}

int tls_tx_records(struct sock *sk, int flags)
{}

static void tls_encrypt_done(void *data, int err)
{}

static int tls_encrypt_async_wait(struct tls_sw_context_tx *ctx)
{}

static int tls_do_encryption(struct sock *sk,
			     struct tls_context *tls_ctx,
			     struct tls_sw_context_tx *ctx,
			     struct aead_request *aead_req,
			     size_t data_len, u32 start)
{}

static int tls_split_open_record(struct sock *sk, struct tls_rec *from,
				 struct tls_rec **to, struct sk_msg *msg_opl,
				 struct sk_msg *msg_oen, u32 split_point,
				 u32 tx_overhead_size, u32 *orig_end)
{}

static void tls_merge_open_record(struct sock *sk, struct tls_rec *to,
				  struct tls_rec *from, u32 orig_end)
{}

static int tls_push_record(struct sock *sk, int flags,
			   unsigned char record_type)
{}

static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
			       bool full_record, u8 record_type,
			       ssize_t *copied, int flags)
{}

static int tls_sw_push_pending_record(struct sock *sk, int flags)
{}

static int tls_sw_sendmsg_splice(struct sock *sk, struct msghdr *msg,
				 struct sk_msg *msg_pl, size_t try_to_copy,
				 ssize_t *copied)
{}

static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
				 size_t size)
{}

int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
{}

/*
 * Handle unexpected EOF during splice without SPLICE_F_MORE set.
 */
void tls_sw_splice_eof(struct socket *sock)
{}

static int
tls_rx_rec_wait(struct sock *sk, struct sk_psock *psock, bool nonblock,
		bool released)
{}

static int tls_setup_from_iter(struct iov_iter *from,
			       int length, int *pages_used,
			       struct scatterlist *to,
			       int to_max_pages)
{}

static struct sk_buff *
tls_alloc_clrtxt_skb(struct sock *sk, struct sk_buff *skb,
		     unsigned int full_len)
{}

/* Decrypt handlers
 *
 * tls_decrypt_sw() and tls_decrypt_device() are decrypt handlers.
 * They must transform the darg in/out argument are as follows:
 *       |          Input            |         Output
 * -------------------------------------------------------------------
 *    zc | Zero-copy decrypt allowed | Zero-copy performed
 * async | Async decrypt allowed     | Async crypto used / in progress
 *   skb |            *              | Output skb
 *
 * If ZC decryption was performed darg.skb will point to the input skb.
 */

/* This function decrypts the input skb into either out_iov or in out_sg
 * or in skb buffers itself. The input parameter 'darg->zc' indicates if
 * zero-copy mode needs to be tried or not. With zero-copy mode, either
 * out_iov or out_sg must be non-NULL. In case both out_iov and out_sg are
 * NULL, then the decryption happens inside skb buffers itself, i.e.
 * zero-copy gets disabled and 'darg->zc' is updated.
 */
static int tls_decrypt_sg(struct sock *sk, struct iov_iter *out_iov,
			  struct scatterlist *out_sg,
			  struct tls_decrypt_arg *darg)
{}

static int
tls_decrypt_sw(struct sock *sk, struct tls_context *tls_ctx,
	       struct msghdr *msg, struct tls_decrypt_arg *darg)
{}

static int
tls_decrypt_device(struct sock *sk, struct msghdr *msg,
		   struct tls_context *tls_ctx, struct tls_decrypt_arg *darg)
{}

static int tls_rx_one_record(struct sock *sk, struct msghdr *msg,
			     struct tls_decrypt_arg *darg)
{}

int decrypt_skb(struct sock *sk, struct scatterlist *sgout)
{}

static int tls_record_content_type(struct msghdr *msg, struct tls_msg *tlm,
				   u8 *control)
{}

static void tls_rx_rec_done(struct tls_sw_context_rx *ctx)
{}

/* This function traverses the rx_list in tls receive context to copies the
 * decrypted records into the buffer provided by caller zero copy is not
 * true. Further, the records are removed from the rx_list if it is not a peek
 * case and the record has been consumed completely.
 */
static int process_rx_list(struct tls_sw_context_rx *ctx,
			   struct msghdr *msg,
			   u8 *control,
			   size_t skip,
			   size_t len,
			   bool is_peek,
			   bool *more)
{}

static bool
tls_read_flush_backlog(struct sock *sk, struct tls_prot_info *prot,
		       size_t len_left, size_t decrypted, ssize_t done,
		       size_t *flushed_at)
{}

static int tls_rx_reader_acquire(struct sock *sk, struct tls_sw_context_rx *ctx,
				 bool nonblock)
{}

static int tls_rx_reader_lock(struct sock *sk, struct tls_sw_context_rx *ctx,
			      bool nonblock)
{}

static void tls_rx_reader_release(struct sock *sk, struct tls_sw_context_rx *ctx)
{}

static void tls_rx_reader_unlock(struct sock *sk, struct tls_sw_context_rx *ctx)
{}

int tls_sw_recvmsg(struct sock *sk,
		   struct msghdr *msg,
		   size_t len,
		   int flags,
		   int *addr_len)
{}

ssize_t tls_sw_splice_read(struct socket *sock,  loff_t *ppos,
			   struct pipe_inode_info *pipe,
			   size_t len, unsigned int flags)
{}

int tls_sw_read_sock(struct sock *sk, read_descriptor_t *desc,
		     sk_read_actor_t read_actor)
{}

bool tls_sw_sock_is_readable(struct sock *sk)
{}

int tls_rx_msg_size(struct tls_strparser *strp, struct sk_buff *skb)
{}

void tls_rx_msg_ready(struct tls_strparser *strp)
{}

static void tls_data_ready(struct sock *sk)
{}

void tls_sw_cancel_work_tx(struct tls_context *tls_ctx)
{}

void tls_sw_release_resources_tx(struct sock *sk)
{}

void tls_sw_free_ctx_tx(struct tls_context *tls_ctx)
{}

void tls_sw_release_resources_rx(struct sock *sk)
{}

void tls_sw_strparser_done(struct tls_context *tls_ctx)
{}

void tls_sw_free_ctx_rx(struct tls_context *tls_ctx)
{}

void tls_sw_free_resources_rx(struct sock *sk)
{}

/* The work handler to transmitt the encrypted records in tx_list */
static void tx_work_handler(struct work_struct *work)
{}

static bool tls_is_tx_ready(struct tls_sw_context_tx *ctx)
{}

void tls_sw_write_space(struct sock *sk, struct tls_context *ctx)
{}

void tls_sw_strparser_arm(struct sock *sk, struct tls_context *tls_ctx)
{}

void tls_update_rx_zc_capable(struct tls_context *tls_ctx)
{}

static struct tls_sw_context_tx *init_ctx_tx(struct tls_context *ctx, struct sock *sk)
{}

static struct tls_sw_context_rx *init_ctx_rx(struct tls_context *ctx)
{}

int init_prot_info(struct tls_prot_info *prot,
		   const struct tls_crypto_info *crypto_info,
		   const struct tls_cipher_desc *cipher_desc)
{}

int tls_set_sw_offload(struct sock *sk, int tx)
{}