Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 21 Oct 2021 17:08:56 GMT
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 96668a81aef7 - main - ktls: Always create a software backend for receive sessions.
Message-ID:  <202110211708.19LH8ukn081044@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=96668a81aef7e9be74386820f1583961eee43ea6

commit 96668a81aef7e9be74386820f1583961eee43ea6
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-10-21 16:37:17 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-10-21 16:37:17 +0000

    ktls: Always create a software backend for receive sessions.
    
    A future change to TOE TLS will require a software fallback for the
    first few TLS records received.  Future support for NIC TLS on receive
    will also require a software fallback for certain cases.
    
    Reviewed by:    gallatin, hselasky
    Sponsored by:   Chelsio Communications
    Differential Revision:  https://reviews.freebsd.org/D32566
---
 sys/kern/uipc_ktls.c | 36 ++++++++++++++++++++++--------------
 sys/sys/ktls.h       |  6 ++----
 2 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c
index eb1f8dec8c1e..f97bf9d1117f 100644
--- a/sys/kern/uipc_ktls.c
+++ b/sys/kern/uipc_ktls.c
@@ -784,7 +784,6 @@ ktls_cleanup(struct ktls_session *tls)
 			counter_u64_add(ktls_sw_chacha20, -1);
 			break;
 		}
-		ktls_ocf_free(tls);
 		break;
 	case TCP_TLS_MODE_IFNET:
 		switch (tls->params.cipher_algorithm) {
@@ -817,6 +816,8 @@ ktls_cleanup(struct ktls_session *tls)
 		break;
 #endif
 	}
+	if (tls->ocf_session != NULL)
+		ktls_ocf_free(tls);
 	if (tls->params.auth_key != NULL) {
 		zfree(tls->params.auth_key, M_KTLS);
 		tls->params.auth_key = NULL;
@@ -1004,14 +1005,9 @@ ktls_try_ifnet(struct socket *so, struct ktls_session *tls, bool force)
 	return (error);
 }
 
-static int
-ktls_try_sw(struct socket *so, struct ktls_session *tls, int direction)
+static void
+ktls_use_sw(struct ktls_session *tls)
 {
-	int error;
-
-	error = ktls_ocf_try(so, tls, direction);
-	if (error)
-		return (error);
 	tls->mode = TCP_TLS_MODE_SW;
 	switch (tls->params.cipher_algorithm) {
 	case CRYPTO_AES_CBC:
@@ -1024,6 +1020,17 @@ ktls_try_sw(struct socket *so, struct ktls_session *tls, int direction)
 		counter_u64_add(ktls_sw_chacha20, 1);
 		break;
 	}
+}
+
+static int
+ktls_try_sw(struct socket *so, struct ktls_session *tls, int direction)
+{
+	int error;
+
+	error = ktls_ocf_try(so, tls, direction);
+	if (error)
+		return (error);
+	ktls_use_sw(tls);
 	return (0);
 }
 
@@ -1184,17 +1191,18 @@ ktls_enable_rx(struct socket *so, struct tls_enable *en)
 	if (error)
 		return (error);
 
-#ifdef TCP_OFFLOAD
-	error = ktls_try_toe(so, tls, KTLS_RX);
-	if (error)
-#endif
-		error = ktls_try_sw(so, tls, KTLS_RX);
-
+	error = ktls_ocf_try(so, tls, KTLS_RX);
 	if (error) {
 		ktls_cleanup(tls);
 		return (error);
 	}
 
+#ifdef TCP_OFFLOAD
+	error = ktls_try_toe(so, tls, KTLS_RX);
+	if (error)
+#endif
+		ktls_use_sw(tls);
+
 	/* Mark the socket as using TLS offload. */
 	SOCKBUF_LOCK(&so->so_rcv);
 	so->so_rcv.sb_tls_seqno = be64dec(en->rec_seq);
diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h
index aea13d2d8ce1..a3eac69b5eeb 100644
--- a/sys/sys/ktls.h
+++ b/sys/sys/ktls.h
@@ -184,10 +184,8 @@ struct ktls_session {
 		    const struct tls_record_layer *hdr, struct mbuf *m,
 		    uint64_t seqno, int *trailer_len);
 	};
-	union {
-		struct ktls_ocf_session *ocf_session;
-		struct m_snd_tag *snd_tag;
-	};
+	struct ktls_ocf_session *ocf_session;
+	struct m_snd_tag *snd_tag;
 	struct tls_session_params params;
 	u_int	wq_index;
 	volatile u_int refcount;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202110211708.19LH8ukn081044>