xref: /openbmc/linux/net/tls/tls_main.c (revision 09b35b41)
1 /*
2  * Copyright (c) 2016-2017, Mellanox Technologies. All rights reserved.
3  * Copyright (c) 2016-2017, Dave Watson <davejwatson@fb.com>. All rights reserved.
4  *
5  * This software is available to you under a choice of one of two
6  * licenses.  You may choose to be licensed under the terms of the GNU
7  * General Public License (GPL) Version 2, available from the file
8  * COPYING in the main directory of this source tree, or the
9  * OpenIB.org BSD license below:
10  *
11  *     Redistribution and use in source and binary forms, with or
12  *     without modification, are permitted provided that the following
13  *     conditions are met:
14  *
15  *      - Redistributions of source code must retain the above
16  *        copyright notice, this list of conditions and the following
17  *        disclaimer.
18  *
19  *      - Redistributions in binary form must reproduce the above
20  *        copyright notice, this list of conditions and the following
21  *        disclaimer in the documentation and/or other materials
22  *        provided with the distribution.
23  *
24  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
25  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
26  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
27  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
28  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
29  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
30  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
31  * SOFTWARE.
32  */
33 
34 #include <linux/module.h>
35 
36 #include <net/tcp.h>
37 #include <net/inet_common.h>
38 #include <linux/highmem.h>
39 #include <linux/netdevice.h>
40 #include <linux/sched/signal.h>
41 #include <linux/inetdevice.h>
42 #include <linux/inet_diag.h>
43 
44 #include <net/tls.h>
45 
46 MODULE_AUTHOR("Mellanox Technologies");
47 MODULE_DESCRIPTION("Transport Layer Security Support");
48 MODULE_LICENSE("Dual BSD/GPL");
49 MODULE_ALIAS_TCP_ULP("tls");
50 
51 enum {
52 	TLSV4,
53 	TLSV6,
54 	TLS_NUM_PROTS,
55 };
56 
57 static struct proto *saved_tcpv6_prot;
58 static DEFINE_MUTEX(tcpv6_prot_mutex);
59 static struct proto *saved_tcpv4_prot;
60 static DEFINE_MUTEX(tcpv4_prot_mutex);
61 static LIST_HEAD(device_list);
62 static DEFINE_SPINLOCK(device_spinlock);
63 static struct proto tls_prots[TLS_NUM_PROTS][TLS_NUM_CONFIG][TLS_NUM_CONFIG];
64 static struct proto_ops tls_sw_proto_ops;
65 static void build_protos(struct proto prot[TLS_NUM_CONFIG][TLS_NUM_CONFIG],
66 			 struct proto *base);
67 
68 static void update_sk_prot(struct sock *sk, struct tls_context *ctx)
69 {
70 	int ip_ver = sk->sk_family == AF_INET6 ? TLSV6 : TLSV4;
71 
72 	sk->sk_prot = &tls_prots[ip_ver][ctx->tx_conf][ctx->rx_conf];
73 }
74 
75 int wait_on_pending_writer(struct sock *sk, long *timeo)
76 {
77 	int rc = 0;
78 	DEFINE_WAIT_FUNC(wait, woken_wake_function);
79 
80 	add_wait_queue(sk_sleep(sk), &wait);
81 	while (1) {
82 		if (!*timeo) {
83 			rc = -EAGAIN;
84 			break;
85 		}
86 
87 		if (signal_pending(current)) {
88 			rc = sock_intr_errno(*timeo);
89 			break;
90 		}
91 
92 		if (sk_wait_event(sk, timeo, !sk->sk_write_pending, &wait))
93 			break;
94 	}
95 	remove_wait_queue(sk_sleep(sk), &wait);
96 	return rc;
97 }
98 
99 int tls_push_sg(struct sock *sk,
100 		struct tls_context *ctx,
101 		struct scatterlist *sg,
102 		u16 first_offset,
103 		int flags)
104 {
105 	int sendpage_flags = flags | MSG_SENDPAGE_NOTLAST;
106 	int ret = 0;
107 	struct page *p;
108 	size_t size;
109 	int offset = first_offset;
110 
111 	size = sg->length - offset;
112 	offset += sg->offset;
113 
114 	ctx->in_tcp_sendpages = true;
115 	while (1) {
116 		if (sg_is_last(sg))
117 			sendpage_flags = flags;
118 
119 		/* is sending application-limited? */
120 		tcp_rate_check_app_limited(sk);
121 		p = sg_page(sg);
122 retry:
123 		ret = do_tcp_sendpages(sk, p, offset, size, sendpage_flags);
124 
125 		if (ret != size) {
126 			if (ret > 0) {
127 				offset += ret;
128 				size -= ret;
129 				goto retry;
130 			}
131 
132 			offset -= sg->offset;
133 			ctx->partially_sent_offset = offset;
134 			ctx->partially_sent_record = (void *)sg;
135 			ctx->in_tcp_sendpages = false;
136 			return ret;
137 		}
138 
139 		put_page(p);
140 		sk_mem_uncharge(sk, sg->length);
141 		sg = sg_next(sg);
142 		if (!sg)
143 			break;
144 
145 		offset = sg->offset;
146 		size = sg->length;
147 	}
148 
149 	ctx->in_tcp_sendpages = false;
150 
151 	return 0;
152 }
153 
154 static int tls_handle_open_record(struct sock *sk, int flags)
155 {
156 	struct tls_context *ctx = tls_get_ctx(sk);
157 
158 	if (tls_is_pending_open_record(ctx))
159 		return ctx->push_pending_record(sk, flags);
160 
161 	return 0;
162 }
163 
164 int tls_proccess_cmsg(struct sock *sk, struct msghdr *msg,
165 		      unsigned char *record_type)
166 {
167 	struct cmsghdr *cmsg;
168 	int rc = -EINVAL;
169 
170 	for_each_cmsghdr(cmsg, msg) {
171 		if (!CMSG_OK(msg, cmsg))
172 			return -EINVAL;
173 		if (cmsg->cmsg_level != SOL_TLS)
174 			continue;
175 
176 		switch (cmsg->cmsg_type) {
177 		case TLS_SET_RECORD_TYPE:
178 			if (cmsg->cmsg_len < CMSG_LEN(sizeof(*record_type)))
179 				return -EINVAL;
180 
181 			if (msg->msg_flags & MSG_MORE)
182 				return -EINVAL;
183 
184 			rc = tls_handle_open_record(sk, msg->msg_flags);
185 			if (rc)
186 				return rc;
187 
188 			*record_type = *(unsigned char *)CMSG_DATA(cmsg);
189 			rc = 0;
190 			break;
191 		default:
192 			return -EINVAL;
193 		}
194 	}
195 
196 	return rc;
197 }
198 
199 int tls_push_partial_record(struct sock *sk, struct tls_context *ctx,
200 			    int flags)
201 {
202 	struct scatterlist *sg;
203 	u16 offset;
204 
205 	sg = ctx->partially_sent_record;
206 	offset = ctx->partially_sent_offset;
207 
208 	ctx->partially_sent_record = NULL;
209 	return tls_push_sg(sk, ctx, sg, offset, flags);
210 }
211 
212 bool tls_free_partial_record(struct sock *sk, struct tls_context *ctx)
213 {
214 	struct scatterlist *sg;
215 
216 	sg = ctx->partially_sent_record;
217 	if (!sg)
218 		return false;
219 
220 	while (1) {
221 		put_page(sg_page(sg));
222 		sk_mem_uncharge(sk, sg->length);
223 
224 		if (sg_is_last(sg))
225 			break;
226 		sg++;
227 	}
228 	ctx->partially_sent_record = NULL;
229 	return true;
230 }
231 
232 static void tls_write_space(struct sock *sk)
233 {
234 	struct tls_context *ctx = tls_get_ctx(sk);
235 
236 	/* If in_tcp_sendpages call lower protocol write space handler
237 	 * to ensure we wake up any waiting operations there. For example
238 	 * if do_tcp_sendpages where to call sk_wait_event.
239 	 */
240 	if (ctx->in_tcp_sendpages) {
241 		ctx->sk_write_space(sk);
242 		return;
243 	}
244 
245 #ifdef CONFIG_TLS_DEVICE
246 	if (ctx->tx_conf == TLS_HW)
247 		tls_device_write_space(sk, ctx);
248 	else
249 #endif
250 		tls_sw_write_space(sk, ctx);
251 
252 	ctx->sk_write_space(sk);
253 }
254 
255 /**
256  * tls_ctx_free() - free TLS ULP context
257  * @sk:  socket to with @ctx is attached
258  * @ctx: TLS context structure
259  *
260  * Free TLS context. If @sk is %NULL caller guarantees that the socket
261  * to which @ctx was attached has no outstanding references.
262  */
263 void tls_ctx_free(struct sock *sk, struct tls_context *ctx)
264 {
265 	if (!ctx)
266 		return;
267 
268 	memzero_explicit(&ctx->crypto_send, sizeof(ctx->crypto_send));
269 	memzero_explicit(&ctx->crypto_recv, sizeof(ctx->crypto_recv));
270 
271 	if (sk)
272 		kfree_rcu(ctx, rcu);
273 	else
274 		kfree(ctx);
275 }
276 
277 static void tls_sk_proto_cleanup(struct sock *sk,
278 				 struct tls_context *ctx, long timeo)
279 {
280 	if (unlikely(sk->sk_write_pending) &&
281 	    !wait_on_pending_writer(sk, &timeo))
282 		tls_handle_open_record(sk, 0);
283 
284 	/* We need these for tls_sw_fallback handling of other packets */
285 	if (ctx->tx_conf == TLS_SW) {
286 		kfree(ctx->tx.rec_seq);
287 		kfree(ctx->tx.iv);
288 		tls_sw_release_resources_tx(sk);
289 	} else if (ctx->tx_conf == TLS_HW) {
290 		tls_device_free_resources_tx(sk);
291 	}
292 
293 	if (ctx->rx_conf == TLS_SW)
294 		tls_sw_release_resources_rx(sk);
295 	else if (ctx->rx_conf == TLS_HW)
296 		tls_device_offload_cleanup_rx(sk);
297 }
298 
299 static void tls_sk_proto_close(struct sock *sk, long timeout)
300 {
301 	struct inet_connection_sock *icsk = inet_csk(sk);
302 	struct tls_context *ctx = tls_get_ctx(sk);
303 	long timeo = sock_sndtimeo(sk, 0);
304 	bool free_ctx;
305 
306 	if (ctx->tx_conf == TLS_SW)
307 		tls_sw_cancel_work_tx(ctx);
308 
309 	lock_sock(sk);
310 	free_ctx = ctx->tx_conf != TLS_HW && ctx->rx_conf != TLS_HW;
311 
312 	if (ctx->tx_conf != TLS_BASE || ctx->rx_conf != TLS_BASE)
313 		tls_sk_proto_cleanup(sk, ctx, timeo);
314 
315 	write_lock_bh(&sk->sk_callback_lock);
316 	if (free_ctx)
317 		rcu_assign_pointer(icsk->icsk_ulp_data, NULL);
318 	sk->sk_prot = ctx->sk_proto;
319 	if (sk->sk_write_space == tls_write_space)
320 		sk->sk_write_space = ctx->sk_write_space;
321 	write_unlock_bh(&sk->sk_callback_lock);
322 	release_sock(sk);
323 	if (ctx->tx_conf == TLS_SW)
324 		tls_sw_free_ctx_tx(ctx);
325 	if (ctx->rx_conf == TLS_SW || ctx->rx_conf == TLS_HW)
326 		tls_sw_strparser_done(ctx);
327 	if (ctx->rx_conf == TLS_SW)
328 		tls_sw_free_ctx_rx(ctx);
329 	ctx->sk_proto->close(sk, timeout);
330 
331 	if (free_ctx)
332 		tls_ctx_free(sk, ctx);
333 }
334 
335 static int do_tls_getsockopt_tx(struct sock *sk, char __user *optval,
336 				int __user *optlen)
337 {
338 	int rc = 0;
339 	struct tls_context *ctx = tls_get_ctx(sk);
340 	struct tls_crypto_info *crypto_info;
341 	int len;
342 
343 	if (get_user(len, optlen))
344 		return -EFAULT;
345 
346 	if (!optval || (len < sizeof(*crypto_info))) {
347 		rc = -EINVAL;
348 		goto out;
349 	}
350 
351 	if (!ctx) {
352 		rc = -EBUSY;
353 		goto out;
354 	}
355 
356 	/* get user crypto info */
357 	crypto_info = &ctx->crypto_send.info;
358 
359 	if (!TLS_CRYPTO_INFO_READY(crypto_info)) {
360 		rc = -EBUSY;
361 		goto out;
362 	}
363 
364 	if (len == sizeof(*crypto_info)) {
365 		if (copy_to_user(optval, crypto_info, sizeof(*crypto_info)))
366 			rc = -EFAULT;
367 		goto out;
368 	}
369 
370 	switch (crypto_info->cipher_type) {
371 	case TLS_CIPHER_AES_GCM_128: {
372 		struct tls12_crypto_info_aes_gcm_128 *
373 		  crypto_info_aes_gcm_128 =
374 		  container_of(crypto_info,
375 			       struct tls12_crypto_info_aes_gcm_128,
376 			       info);
377 
378 		if (len != sizeof(*crypto_info_aes_gcm_128)) {
379 			rc = -EINVAL;
380 			goto out;
381 		}
382 		lock_sock(sk);
383 		memcpy(crypto_info_aes_gcm_128->iv,
384 		       ctx->tx.iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
385 		       TLS_CIPHER_AES_GCM_128_IV_SIZE);
386 		memcpy(crypto_info_aes_gcm_128->rec_seq, ctx->tx.rec_seq,
387 		       TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
388 		release_sock(sk);
389 		if (copy_to_user(optval,
390 				 crypto_info_aes_gcm_128,
391 				 sizeof(*crypto_info_aes_gcm_128)))
392 			rc = -EFAULT;
393 		break;
394 	}
395 	case TLS_CIPHER_AES_GCM_256: {
396 		struct tls12_crypto_info_aes_gcm_256 *
397 		  crypto_info_aes_gcm_256 =
398 		  container_of(crypto_info,
399 			       struct tls12_crypto_info_aes_gcm_256,
400 			       info);
401 
402 		if (len != sizeof(*crypto_info_aes_gcm_256)) {
403 			rc = -EINVAL;
404 			goto out;
405 		}
406 		lock_sock(sk);
407 		memcpy(crypto_info_aes_gcm_256->iv,
408 		       ctx->tx.iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
409 		       TLS_CIPHER_AES_GCM_256_IV_SIZE);
410 		memcpy(crypto_info_aes_gcm_256->rec_seq, ctx->tx.rec_seq,
411 		       TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
412 		release_sock(sk);
413 		if (copy_to_user(optval,
414 				 crypto_info_aes_gcm_256,
415 				 sizeof(*crypto_info_aes_gcm_256)))
416 			rc = -EFAULT;
417 		break;
418 	}
419 	default:
420 		rc = -EINVAL;
421 	}
422 
423 out:
424 	return rc;
425 }
426 
427 static int do_tls_getsockopt(struct sock *sk, int optname,
428 			     char __user *optval, int __user *optlen)
429 {
430 	int rc = 0;
431 
432 	switch (optname) {
433 	case TLS_TX:
434 		rc = do_tls_getsockopt_tx(sk, optval, optlen);
435 		break;
436 	default:
437 		rc = -ENOPROTOOPT;
438 		break;
439 	}
440 	return rc;
441 }
442 
443 static int tls_getsockopt(struct sock *sk, int level, int optname,
444 			  char __user *optval, int __user *optlen)
445 {
446 	struct tls_context *ctx = tls_get_ctx(sk);
447 
448 	if (level != SOL_TLS)
449 		return ctx->sk_proto->getsockopt(sk, level,
450 						 optname, optval, optlen);
451 
452 	return do_tls_getsockopt(sk, optname, optval, optlen);
453 }
454 
455 static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
456 				  unsigned int optlen, int tx)
457 {
458 	struct tls_crypto_info *crypto_info;
459 	struct tls_crypto_info *alt_crypto_info;
460 	struct tls_context *ctx = tls_get_ctx(sk);
461 	size_t optsize;
462 	int rc = 0;
463 	int conf;
464 
465 	if (!optval || (optlen < sizeof(*crypto_info))) {
466 		rc = -EINVAL;
467 		goto out;
468 	}
469 
470 	if (tx) {
471 		crypto_info = &ctx->crypto_send.info;
472 		alt_crypto_info = &ctx->crypto_recv.info;
473 	} else {
474 		crypto_info = &ctx->crypto_recv.info;
475 		alt_crypto_info = &ctx->crypto_send.info;
476 	}
477 
478 	/* Currently we don't support set crypto info more than one time */
479 	if (TLS_CRYPTO_INFO_READY(crypto_info)) {
480 		rc = -EBUSY;
481 		goto out;
482 	}
483 
484 	rc = copy_from_user(crypto_info, optval, sizeof(*crypto_info));
485 	if (rc) {
486 		rc = -EFAULT;
487 		goto err_crypto_info;
488 	}
489 
490 	/* check version */
491 	if (crypto_info->version != TLS_1_2_VERSION &&
492 	    crypto_info->version != TLS_1_3_VERSION) {
493 		rc = -ENOTSUPP;
494 		goto err_crypto_info;
495 	}
496 
497 	/* Ensure that TLS version and ciphers are same in both directions */
498 	if (TLS_CRYPTO_INFO_READY(alt_crypto_info)) {
499 		if (alt_crypto_info->version != crypto_info->version ||
500 		    alt_crypto_info->cipher_type != crypto_info->cipher_type) {
501 			rc = -EINVAL;
502 			goto err_crypto_info;
503 		}
504 	}
505 
506 	switch (crypto_info->cipher_type) {
507 	case TLS_CIPHER_AES_GCM_128:
508 		optsize = sizeof(struct tls12_crypto_info_aes_gcm_128);
509 		break;
510 	case TLS_CIPHER_AES_GCM_256: {
511 		optsize = sizeof(struct tls12_crypto_info_aes_gcm_256);
512 		break;
513 	}
514 	case TLS_CIPHER_AES_CCM_128:
515 		optsize = sizeof(struct tls12_crypto_info_aes_ccm_128);
516 		break;
517 	default:
518 		rc = -EINVAL;
519 		goto err_crypto_info;
520 	}
521 
522 	if (optlen != optsize) {
523 		rc = -EINVAL;
524 		goto err_crypto_info;
525 	}
526 
527 	rc = copy_from_user(crypto_info + 1, optval + sizeof(*crypto_info),
528 			    optlen - sizeof(*crypto_info));
529 	if (rc) {
530 		rc = -EFAULT;
531 		goto err_crypto_info;
532 	}
533 
534 	if (tx) {
535 		rc = tls_set_device_offload(sk, ctx);
536 		conf = TLS_HW;
537 		if (rc) {
538 			rc = tls_set_sw_offload(sk, ctx, 1);
539 			if (rc)
540 				goto err_crypto_info;
541 			conf = TLS_SW;
542 		}
543 	} else {
544 		rc = tls_set_device_offload_rx(sk, ctx);
545 		conf = TLS_HW;
546 		if (rc) {
547 			rc = tls_set_sw_offload(sk, ctx, 0);
548 			if (rc)
549 				goto err_crypto_info;
550 			conf = TLS_SW;
551 		}
552 		tls_sw_strparser_arm(sk, ctx);
553 	}
554 
555 	if (tx)
556 		ctx->tx_conf = conf;
557 	else
558 		ctx->rx_conf = conf;
559 	update_sk_prot(sk, ctx);
560 	if (tx) {
561 		ctx->sk_write_space = sk->sk_write_space;
562 		sk->sk_write_space = tls_write_space;
563 	} else {
564 		sk->sk_socket->ops = &tls_sw_proto_ops;
565 	}
566 	goto out;
567 
568 err_crypto_info:
569 	memzero_explicit(crypto_info, sizeof(union tls_crypto_context));
570 out:
571 	return rc;
572 }
573 
574 static int do_tls_setsockopt(struct sock *sk, int optname,
575 			     char __user *optval, unsigned int optlen)
576 {
577 	int rc = 0;
578 
579 	switch (optname) {
580 	case TLS_TX:
581 	case TLS_RX:
582 		lock_sock(sk);
583 		rc = do_tls_setsockopt_conf(sk, optval, optlen,
584 					    optname == TLS_TX);
585 		release_sock(sk);
586 		break;
587 	default:
588 		rc = -ENOPROTOOPT;
589 		break;
590 	}
591 	return rc;
592 }
593 
594 static int tls_setsockopt(struct sock *sk, int level, int optname,
595 			  char __user *optval, unsigned int optlen)
596 {
597 	struct tls_context *ctx = tls_get_ctx(sk);
598 
599 	if (level != SOL_TLS)
600 		return ctx->sk_proto->setsockopt(sk, level, optname, optval,
601 						 optlen);
602 
603 	return do_tls_setsockopt(sk, optname, optval, optlen);
604 }
605 
606 static struct tls_context *create_ctx(struct sock *sk)
607 {
608 	struct inet_connection_sock *icsk = inet_csk(sk);
609 	struct tls_context *ctx;
610 
611 	ctx = kzalloc(sizeof(*ctx), GFP_ATOMIC);
612 	if (!ctx)
613 		return NULL;
614 
615 	rcu_assign_pointer(icsk->icsk_ulp_data, ctx);
616 	ctx->sk_proto = sk->sk_prot;
617 	return ctx;
618 }
619 
620 static void tls_build_proto(struct sock *sk)
621 {
622 	int ip_ver = sk->sk_family == AF_INET6 ? TLSV6 : TLSV4;
623 
624 	/* Build IPv6 TLS whenever the address of tcpv6 _prot changes */
625 	if (ip_ver == TLSV6 &&
626 	    unlikely(sk->sk_prot != smp_load_acquire(&saved_tcpv6_prot))) {
627 		mutex_lock(&tcpv6_prot_mutex);
628 		if (likely(sk->sk_prot != saved_tcpv6_prot)) {
629 			build_protos(tls_prots[TLSV6], sk->sk_prot);
630 			smp_store_release(&saved_tcpv6_prot, sk->sk_prot);
631 		}
632 		mutex_unlock(&tcpv6_prot_mutex);
633 	}
634 
635 	if (ip_ver == TLSV4 &&
636 	    unlikely(sk->sk_prot != smp_load_acquire(&saved_tcpv4_prot))) {
637 		mutex_lock(&tcpv4_prot_mutex);
638 		if (likely(sk->sk_prot != saved_tcpv4_prot)) {
639 			build_protos(tls_prots[TLSV4], sk->sk_prot);
640 			smp_store_release(&saved_tcpv4_prot, sk->sk_prot);
641 		}
642 		mutex_unlock(&tcpv4_prot_mutex);
643 	}
644 }
645 
646 static void tls_hw_sk_destruct(struct sock *sk)
647 {
648 	struct tls_context *ctx = tls_get_ctx(sk);
649 	struct inet_connection_sock *icsk = inet_csk(sk);
650 
651 	ctx->sk_destruct(sk);
652 	/* Free ctx */
653 	rcu_assign_pointer(icsk->icsk_ulp_data, NULL);
654 	tls_ctx_free(sk, ctx);
655 }
656 
657 static int tls_hw_prot(struct sock *sk)
658 {
659 	struct tls_context *ctx;
660 	struct tls_device *dev;
661 	int rc = 0;
662 
663 	spin_lock_bh(&device_spinlock);
664 	list_for_each_entry(dev, &device_list, dev_list) {
665 		if (dev->feature && dev->feature(dev)) {
666 			ctx = create_ctx(sk);
667 			if (!ctx)
668 				goto out;
669 
670 			spin_unlock_bh(&device_spinlock);
671 			tls_build_proto(sk);
672 			ctx->sk_destruct = sk->sk_destruct;
673 			sk->sk_destruct = tls_hw_sk_destruct;
674 			ctx->rx_conf = TLS_HW_RECORD;
675 			ctx->tx_conf = TLS_HW_RECORD;
676 			update_sk_prot(sk, ctx);
677 			spin_lock_bh(&device_spinlock);
678 			rc = 1;
679 			break;
680 		}
681 	}
682 out:
683 	spin_unlock_bh(&device_spinlock);
684 	return rc;
685 }
686 
687 static void tls_hw_unhash(struct sock *sk)
688 {
689 	struct tls_context *ctx = tls_get_ctx(sk);
690 	struct tls_device *dev;
691 
692 	spin_lock_bh(&device_spinlock);
693 	list_for_each_entry(dev, &device_list, dev_list) {
694 		if (dev->unhash) {
695 			kref_get(&dev->kref);
696 			spin_unlock_bh(&device_spinlock);
697 			dev->unhash(dev, sk);
698 			kref_put(&dev->kref, dev->release);
699 			spin_lock_bh(&device_spinlock);
700 		}
701 	}
702 	spin_unlock_bh(&device_spinlock);
703 	ctx->sk_proto->unhash(sk);
704 }
705 
706 static int tls_hw_hash(struct sock *sk)
707 {
708 	struct tls_context *ctx = tls_get_ctx(sk);
709 	struct tls_device *dev;
710 	int err;
711 
712 	err = ctx->sk_proto->hash(sk);
713 	spin_lock_bh(&device_spinlock);
714 	list_for_each_entry(dev, &device_list, dev_list) {
715 		if (dev->hash) {
716 			kref_get(&dev->kref);
717 			spin_unlock_bh(&device_spinlock);
718 			err |= dev->hash(dev, sk);
719 			kref_put(&dev->kref, dev->release);
720 			spin_lock_bh(&device_spinlock);
721 		}
722 	}
723 	spin_unlock_bh(&device_spinlock);
724 
725 	if (err)
726 		tls_hw_unhash(sk);
727 	return err;
728 }
729 
730 static void build_protos(struct proto prot[TLS_NUM_CONFIG][TLS_NUM_CONFIG],
731 			 struct proto *base)
732 {
733 	prot[TLS_BASE][TLS_BASE] = *base;
734 	prot[TLS_BASE][TLS_BASE].setsockopt	= tls_setsockopt;
735 	prot[TLS_BASE][TLS_BASE].getsockopt	= tls_getsockopt;
736 	prot[TLS_BASE][TLS_BASE].close		= tls_sk_proto_close;
737 
738 	prot[TLS_SW][TLS_BASE] = prot[TLS_BASE][TLS_BASE];
739 	prot[TLS_SW][TLS_BASE].sendmsg		= tls_sw_sendmsg;
740 	prot[TLS_SW][TLS_BASE].sendpage		= tls_sw_sendpage;
741 
742 	prot[TLS_BASE][TLS_SW] = prot[TLS_BASE][TLS_BASE];
743 	prot[TLS_BASE][TLS_SW].recvmsg		  = tls_sw_recvmsg;
744 	prot[TLS_BASE][TLS_SW].stream_memory_read = tls_sw_stream_read;
745 	prot[TLS_BASE][TLS_SW].close		  = tls_sk_proto_close;
746 
747 	prot[TLS_SW][TLS_SW] = prot[TLS_SW][TLS_BASE];
748 	prot[TLS_SW][TLS_SW].recvmsg		= tls_sw_recvmsg;
749 	prot[TLS_SW][TLS_SW].stream_memory_read	= tls_sw_stream_read;
750 	prot[TLS_SW][TLS_SW].close		= tls_sk_proto_close;
751 
752 #ifdef CONFIG_TLS_DEVICE
753 	prot[TLS_HW][TLS_BASE] = prot[TLS_BASE][TLS_BASE];
754 	prot[TLS_HW][TLS_BASE].sendmsg		= tls_device_sendmsg;
755 	prot[TLS_HW][TLS_BASE].sendpage		= tls_device_sendpage;
756 
757 	prot[TLS_HW][TLS_SW] = prot[TLS_BASE][TLS_SW];
758 	prot[TLS_HW][TLS_SW].sendmsg		= tls_device_sendmsg;
759 	prot[TLS_HW][TLS_SW].sendpage		= tls_device_sendpage;
760 
761 	prot[TLS_BASE][TLS_HW] = prot[TLS_BASE][TLS_SW];
762 
763 	prot[TLS_SW][TLS_HW] = prot[TLS_SW][TLS_SW];
764 
765 	prot[TLS_HW][TLS_HW] = prot[TLS_HW][TLS_SW];
766 #endif
767 
768 	prot[TLS_HW_RECORD][TLS_HW_RECORD] = *base;
769 	prot[TLS_HW_RECORD][TLS_HW_RECORD].hash		= tls_hw_hash;
770 	prot[TLS_HW_RECORD][TLS_HW_RECORD].unhash	= tls_hw_unhash;
771 }
772 
773 static int tls_init(struct sock *sk)
774 {
775 	struct tls_context *ctx;
776 	int rc = 0;
777 
778 	if (tls_hw_prot(sk))
779 		return 0;
780 
781 	/* The TLS ulp is currently supported only for TCP sockets
782 	 * in ESTABLISHED state.
783 	 * Supporting sockets in LISTEN state will require us
784 	 * to modify the accept implementation to clone rather then
785 	 * share the ulp context.
786 	 */
787 	if (sk->sk_state != TCP_ESTABLISHED)
788 		return -ENOTSUPP;
789 
790 	tls_build_proto(sk);
791 
792 	/* allocate tls context */
793 	write_lock_bh(&sk->sk_callback_lock);
794 	ctx = create_ctx(sk);
795 	if (!ctx) {
796 		rc = -ENOMEM;
797 		goto out;
798 	}
799 
800 	ctx->tx_conf = TLS_BASE;
801 	ctx->rx_conf = TLS_BASE;
802 	update_sk_prot(sk, ctx);
803 out:
804 	write_unlock_bh(&sk->sk_callback_lock);
805 	return rc;
806 }
807 
808 static void tls_update(struct sock *sk, struct proto *p)
809 {
810 	struct tls_context *ctx;
811 
812 	ctx = tls_get_ctx(sk);
813 	if (likely(ctx))
814 		ctx->sk_proto = p;
815 	else
816 		sk->sk_prot = p;
817 }
818 
819 static int tls_get_info(const struct sock *sk, struct sk_buff *skb)
820 {
821 	u16 version, cipher_type;
822 	struct tls_context *ctx;
823 	struct nlattr *start;
824 	int err;
825 
826 	start = nla_nest_start_noflag(skb, INET_ULP_INFO_TLS);
827 	if (!start)
828 		return -EMSGSIZE;
829 
830 	rcu_read_lock();
831 	ctx = rcu_dereference(inet_csk(sk)->icsk_ulp_data);
832 	if (!ctx) {
833 		err = 0;
834 		goto nla_failure;
835 	}
836 	version = ctx->prot_info.version;
837 	if (version) {
838 		err = nla_put_u16(skb, TLS_INFO_VERSION, version);
839 		if (err)
840 			goto nla_failure;
841 	}
842 	cipher_type = ctx->prot_info.cipher_type;
843 	if (cipher_type) {
844 		err = nla_put_u16(skb, TLS_INFO_CIPHER, cipher_type);
845 		if (err)
846 			goto nla_failure;
847 	}
848 	err = nla_put_u16(skb, TLS_INFO_TXCONF, tls_user_config(ctx, true));
849 	if (err)
850 		goto nla_failure;
851 
852 	err = nla_put_u16(skb, TLS_INFO_RXCONF, tls_user_config(ctx, false));
853 	if (err)
854 		goto nla_failure;
855 
856 	rcu_read_unlock();
857 	nla_nest_end(skb, start);
858 	return 0;
859 
860 nla_failure:
861 	rcu_read_unlock();
862 	nla_nest_cancel(skb, start);
863 	return err;
864 }
865 
866 static size_t tls_get_info_size(const struct sock *sk)
867 {
868 	size_t size = 0;
869 
870 	size += nla_total_size(0) +		/* INET_ULP_INFO_TLS */
871 		nla_total_size(sizeof(u16)) +	/* TLS_INFO_VERSION */
872 		nla_total_size(sizeof(u16)) +	/* TLS_INFO_CIPHER */
873 		nla_total_size(sizeof(u16)) +	/* TLS_INFO_RXCONF */
874 		nla_total_size(sizeof(u16)) +	/* TLS_INFO_TXCONF */
875 		0;
876 
877 	return size;
878 }
879 
880 void tls_register_device(struct tls_device *device)
881 {
882 	spin_lock_bh(&device_spinlock);
883 	list_add_tail(&device->dev_list, &device_list);
884 	spin_unlock_bh(&device_spinlock);
885 }
886 EXPORT_SYMBOL(tls_register_device);
887 
888 void tls_unregister_device(struct tls_device *device)
889 {
890 	spin_lock_bh(&device_spinlock);
891 	list_del(&device->dev_list);
892 	spin_unlock_bh(&device_spinlock);
893 }
894 EXPORT_SYMBOL(tls_unregister_device);
895 
896 static struct tcp_ulp_ops tcp_tls_ulp_ops __read_mostly = {
897 	.name			= "tls",
898 	.owner			= THIS_MODULE,
899 	.init			= tls_init,
900 	.update			= tls_update,
901 	.get_info		= tls_get_info,
902 	.get_info_size		= tls_get_info_size,
903 };
904 
905 static int __init tls_register(void)
906 {
907 	tls_sw_proto_ops = inet_stream_ops;
908 	tls_sw_proto_ops.splice_read = tls_sw_splice_read;
909 
910 	tls_device_init();
911 	tcp_register_ulp(&tcp_tls_ulp_ops);
912 
913 	return 0;
914 }
915 
916 static void __exit tls_unregister(void)
917 {
918 	tcp_unregister_ulp(&tcp_tls_ulp_ops);
919 	tls_device_cleanup();
920 }
921 
922 module_init(tls_register);
923 module_exit(tls_unregister);
924