Hi! This series cleans up and improves the tls code, mostly the offload parts.
First a slight performance optimization - avoiding unnecessary re- -encryption of records in patch 1. Next patch 2 makes the code more resilient by checking for errors in skb_copy_bits(). Next commit removes a warning which can be triggered in normal operation, (especially for devices explicitly making use of the fallback path). Next two paths change the condition checking around the call to tls_device_decrypted() to make it easier to extend. Remaining commits are centered around reorganizing struct tls_context for better cache utilization. Jakub Kicinski (8): net/tls: fully initialize the msg wrapper skb net/tls: check return values from skb_copy_bits() and skb_store_bits() net/tls: remove false positive warning net/tls: don't look for decrypted frames on non-offloaded sockets net/tls: don't re-check msg decrypted status in tls_device_decrypted() net/tls: use version from prot net/tls: reorganize struct tls_context net/tls: don't pass version to tls_advance_record_sn() Documentation/networking/tls-offload.rst | 19 ------------- include/linux/skbuff.h | 1 + include/net/tls.h | 36 ++++++++++++------------ net/core/skbuff.c | 25 ++++++++++++++++ net/strparser/strparser.c | 10 ++----- net/tls/tls_device.c | 28 ++++++++++-------- net/tls/tls_device_fallback.c | 6 ++-- net/tls/tls_sw.c | 17 +++++------ 8 files changed, 76 insertions(+), 66 deletions(-) -- 2.21.0
