bio: Linux TLS Rx Offload

Add support for Linux TLS Rx offload in the BIO layer.

Change-Id: I79924b25dd290a873d69f6c8d429e1f5bb2c3365
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7848)

diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
index 60e5adc04a633e8b05ace15363e460ee36219c2c..0c9945939c5f9de2612c1248f3adf00ea21a32fe 100644 (file)
--- a/crypto/bio/bss_sock.c
+++ b/crypto/bio/bss_sock.c
@@ -108,7 +108,12 @@ static int sock_read(BIO *b, char *out, int outl)
 
     if (out != NULL) {
         clear_socket_error();
-        ret = readsocket(b->num, out, outl);
+# ifndef OPENSSL_NO_KTLS
+        if (BIO_get_ktls_recv(b))
+            ret = ktls_read_record(b->num, out, outl);
+        else
+# endif
+            ret = readsocket(b->num, out, outl);
         BIO_clear_retry_flags(b);
         if (ret <= 0) {
             if (BIO_sock_should_retry(ret))
@@ -177,20 +182,22 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
         ret = 1;
         break;
 # ifndef OPENSSL_NO_KTLS
-    case BIO_CTRL_SET_KTLS_SEND:
+    case BIO_CTRL_SET_KTLS:
         crypto_info = (struct tls12_crypto_info_aes_gcm_128 *)ptr;
         ret = ktls_start(b->num, crypto_info, sizeof(*crypto_info), num);
         if (ret)
-            BIO_set_ktls_flag(b);
+            BIO_set_ktls_flag(b, num);
         break;
     case BIO_CTRL_GET_KTLS_SEND:
-        return BIO_should_ktls_flag(b);
-    case BIO_CTRL_SET_KTLS_SEND_CTRL_MSG:
+        return BIO_should_ktls_flag(b, 1);
+    case BIO_CTRL_GET_KTLS_RECV:
+        return BIO_should_ktls_flag(b, 0);
+    case BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG:
         BIO_set_ktls_ctrl_msg_flag(b);
         b->ptr = (void *)num;
         ret = 0;
         break;
-    case BIO_CTRL_CLEAR_KTLS_CTRL_MSG:
+    case BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG:
         BIO_clear_ktls_ctrl_msg_flag(b);
         ret = 0;
         break;

diff --git a/include/internal/bio.h b/include/internal/bio.h
index 1e80d5ac68214c187d6e252de644a319d02ff930..8f368e36b3b128e8fe5977ae8de34c9c023609e0 100644 (file)
--- a/include/internal/bio.h
+++ b/include/internal/bio.h
@@ -35,35 +35,38 @@ void bio_cleanup(void);
 int bwrite_conv(BIO *bio, const char *data, size_t datal, size_t *written);
 int bread_conv(BIO *bio, char *data, size_t datal, size_t *read);
 
-# define BIO_CTRL_SET_KTLS_SEND                 72
-# define BIO_CTRL_SET_KTLS_SEND_CTRL_MSG        74
-# define BIO_CTRL_CLEAR_KTLS_CTRL_MSG      75
+/* Changes to these internal BIOs must also update include/openssl/bio.h */
+# define BIO_CTRL_SET_KTLS                      72
+# define BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG     74
+# define BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG        75
 
 /*
  * This is used with socket BIOs:
- * BIO_FLAGS_KTLS means we are using ktls with this BIO.
- * BIO_FLAGS_KTLS_CTRL_MSG means we are about to send a ctrl message next.
+ * BIO_FLAGS_KTLS_TX means we are using ktls with this BIO for sending.
+ * BIO_FLAGS_KTLS_TX_CTRL_MSG means we are about to send a ctrl message next.
+ * BIO_FLAGS_KTLS_RX means we are using ktls with this BIO for receiving.
  */
-# define BIO_FLAGS_KTLS          0x800
-# define BIO_FLAGS_KTLS_CTRL_MSG 0x1000
+# define BIO_FLAGS_KTLS_TX          0x800
+# define BIO_FLAGS_KTLS_TX_CTRL_MSG 0x1000
+# define BIO_FLAGS_KTLS_RX          0x2000
 
 /* KTLS related controls and flags */
-# define BIO_set_ktls_flag(b) \
-    BIO_set_flags(b, BIO_FLAGS_KTLS)
-# define BIO_should_ktls_flag(b) \
-    BIO_test_flags(b, BIO_FLAGS_KTLS)
+# define BIO_set_ktls_flag(b, is_tx) \
+    BIO_set_flags(b, (is_tx) ? BIO_FLAGS_KTLS_TX : BIO_FLAGS_KTLS_RX)
+# define BIO_should_ktls_flag(b, is_tx) \
+    BIO_test_flags(b, (is_tx) ? BIO_FLAGS_KTLS_TX : BIO_FLAGS_KTLS_RX)
 # define BIO_set_ktls_ctrl_msg_flag(b) \
-    BIO_set_flags(b, BIO_FLAGS_KTLS_CTRL_MSG)
+    BIO_set_flags(b, BIO_FLAGS_KTLS_TX_CTRL_MSG)
 # define BIO_should_ktls_ctrl_msg_flag(b) \
-    BIO_test_flags(b, (BIO_FLAGS_KTLS_CTRL_MSG))
+    BIO_test_flags(b, BIO_FLAGS_KTLS_TX_CTRL_MSG)
 # define BIO_clear_ktls_ctrl_msg_flag(b) \
-    BIO_clear_flags(b, (BIO_FLAGS_KTLS_CTRL_MSG))
+    BIO_clear_flags(b, BIO_FLAGS_KTLS_TX_CTRL_MSG)
 
 #  define BIO_set_ktls(b, keyblob, is_tx)   \
-     BIO_ctrl(b, BIO_CTRL_SET_KTLS_SEND, is_tx, keyblob)
+     BIO_ctrl(b, BIO_CTRL_SET_KTLS, is_tx, keyblob)
 #  define BIO_set_ktls_ctrl_msg(b, record_type)   \
-     BIO_ctrl(b, BIO_CTRL_SET_KTLS_SEND_CTRL_MSG, record_type, NULL)
+     BIO_ctrl(b, BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG, record_type, NULL)
 #  define BIO_clear_ktls_ctrl_msg(b) \
-     BIO_ctrl(b, BIO_CTRL_CLEAR_KTLS_CTRL_MSG, 0, NULL)
+     BIO_ctrl(b, BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG, 0, NULL)
 
 #endif

diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index ed9d489537f8df81175ae3ac9e90d6660e7a5197..85cbe0ae67f8a014372b5732ac9f6e213f9243d0 100644 (file)
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -145,15 +145,20 @@ extern "C" {
 
 # define BIO_CTRL_DGRAM_SET_PEEK_MODE      71
 
-/* internal BIO see include/internal/bio.h:
+/*
+ * internal BIO see include/internal/bio.h:
  * # define BIO_CTRL_SET_KTLS_SEND                 72
  * # define BIO_CTRL_SET_KTLS_SEND_CTRL_MSG        74
- * # define BIO_CTRL_CLEAR_KTLS_CTRL_MSG      75
+ * # define BIO_CTRL_CLEAR_KTLS_CTRL_MSG           75
  */
 
 #  define BIO_CTRL_GET_KTLS_SEND                 73
+#  define BIO_CTRL_GET_KTLS_RECV                 76
+
 #  define BIO_get_ktls_send(b)         \
      BIO_ctrl(b, BIO_CTRL_GET_KTLS_SEND, 0, NULL)
+#  define BIO_get_ktls_recv(b)         \
+     BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, 0, NULL)
 
 /* modifiers */
 # define BIO_FP_READ             0x02