tls: hw: rx: use return value of tls_device_decrypted() to carry status

[ Upstream commit 71471ca32505afa7c3f7f6a8268716e1ddb81cd4 ]

Instead of tls_device poking into internals of the message
return 1 from tls_device_decrypted() if the device handled
the decryption.

Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Stable-dep-of: f7fa16d49837 ("tls: decrement decrypt_pending if no async completion will be called")
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index f23d18e666284a481c7a3e670f8158235bb053f4..e7c361807590d96e70e37e519915936a68076296 100644 (file)
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -936,7 +936,6 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
                         struct sk_buff *skb, struct strp_msg *rxm)
 {
        struct tls_offload_context_rx *ctx = tls_offload_ctx_rx(tls_ctx);
-       struct tls_msg *tlm = tls_msg(skb);
        int is_decrypted = skb->decrypted;
        int is_encrypted = !is_decrypted;
        struct sk_buff *skb_iter;
@@ -951,11 +950,9 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
                                   tls_ctx->rx.rec_seq, rxm->full_len,
                                   is_encrypted, is_decrypted);
 
-       tlm->decrypted |= is_decrypted;
-
        if (unlikely(test_bit(TLS_RX_DEV_DEGRADED, &tls_ctx->flags))) {
                if (likely(is_encrypted || is_decrypted))
-                       return 0;
+                       return is_decrypted;
 
                /* After tls_device_down disables the offload, the next SKB will
                 * likely have initial fragments decrypted, and final ones not
@@ -970,7 +967,7 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
         */
        if (is_decrypted) {
                ctx->resync_nh_reset = 1;
-               return 0;
+               return is_decrypted;
        }
        if (is_encrypted) {
                tls_device_core_ctrl_rx_resync(tls_ctx, ctx, sk, skb);

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 7da17dd7c38b902549758a6abd4c24d617bf6b77..eed32ef3ca4a0b7ab6d0d1424ec0d52fc714e2a4 100644 (file)
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1571,9 +1571,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
                err = tls_device_decrypted(sk, tls_ctx, skb, rxm);
                if (err < 0)
                        return err;
-
-               /* skip SW decryption if NIC handled it already */
-               if (tlm->decrypted) {
+               if (err > 0) {
+                       tlm->decrypted = 1;
                        *zc = false;
                        goto decrypt_done;
                }