tcp: allow tls to decrypt directly from the tcp rcv queue

author Jakub Kicinski <kuba@kernel.org>

Fri, 22 Jul 2022 23:50:31 +0000 (16:50 -0700)

committer Jakub Kicinski <kuba@kernel.org>

Tue, 26 Jul 2022 21:38:51 +0000 (14:38 -0700)
author Jakub Kicinski <kuba@kernel.org>
Fri, 22 Jul 2022 23:50:31 +0000 (16:50 -0700)
committer Jakub Kicinski <kuba@kernel.org>
Tue, 26 Jul 2022 21:38:51 +0000 (14:38 -0700)
diff --git a/include/net/tcp.h b/include/net/tcp.h

index f9e7c85..b8620be 100644 (file)
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -673,6 +673,8 @@ void tcp_get_info(struct sock *, struct tcp_info *);
  int tcp_read_sock(struct sock *sk, read_descriptor_t *desc,
                   sk_read_actor_t recv_actor);
  int tcp_read_skb(struct sock *sk, skb_read_actor_t recv_actor);
+struct sk_buff *tcp_recv_skb(struct sock *sk, u32 seq, u32 *off);
+void tcp_read_done(struct sock *sk, size_t len);
  
  void tcp_initialize_rcv_mss(struct sock *sk);
  
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c

index ba2bdc8..dc7cc3c 100644 (file)
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1635,7 +1635,7 @@ static void tcp_eat_recv_skb(struct sock *sk, struct sk_buff *skb)
         __kfree_skb(skb);
  }
  
-static struct sk_buff *tcp_recv_skb(struct sock *sk, u32 seq, u32 *off)
+struct sk_buff *tcp_recv_skb(struct sock *sk, u32 seq, u32 *off)
  {
         struct sk_buff *skb;
         u32 offset;
@@ -1658,6 +1658,7 @@ static struct sk_buff *tcp_recv_skb(struct sock *sk, u32 seq, u32 *off)
         }
         return NULL;
  }
+EXPORT_SYMBOL(tcp_recv_skb);
  
  /*
   * This routine provides an alternative to tcp_recvmsg() for routines
@@ -1788,6 +1789,45 @@ int tcp_read_skb(struct sock *sk, skb_read_actor_t recv_actor)
  }
  EXPORT_SYMBOL(tcp_read_skb);
  
+void tcp_read_done(struct sock *sk, size_t len)
+{
+       struct tcp_sock *tp = tcp_sk(sk);
+       u32 seq = tp->copied_seq;
+       struct sk_buff *skb;
+       size_t left;
+       u32 offset;
+
+       if (sk->sk_state == TCP_LISTEN)
+               return;
+
+       left = len;
+       while (left && (skb = tcp_recv_skb(sk, seq, &offset)) != NULL) {
+               int used;
+
+               used = min_t(size_t, skb->len - offset, left);
+               seq += used;
+               left -= used;
+
+               if (skb->len > offset + used)
+                       break;
+
+               if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN) {
+                       tcp_eat_recv_skb(sk, skb);
+                       ++seq;
+                       break;
+               }
+               tcp_eat_recv_skb(sk, skb);
+       }
+       WRITE_ONCE(tp->copied_seq, seq);
+
+       tcp_rcv_space_adjust(sk);
+
+       /* Clean up data we have read: This will do ACK frames. */
+       if (left != len)
+               tcp_cleanup_rbuf(sk, len - left);
+}
+EXPORT_SYMBOL(tcp_read_done);
+
  int tcp_peek_len(struct socket *sock)
  {
         return tcp_inq(sock->sk);
author	Jakub Kicinski <kuba@kernel.org>
	Fri, 22 Jul 2022 23:50:31 +0000 (16:50 -0700)
committer	Jakub Kicinski <kuba@kernel.org>
	Tue, 26 Jul 2022 21:38:51 +0000 (14:38 -0700)
include/net/tcp.h		patch \| blob \| history
net/ipv4/tcp.c		patch \| blob \| history