tls: hw: rx: use return value of tls_device_decrypted() to carry status

Instead of tls_device poking into internals of the message
return 1 from tls_device_decrypted() if the device handled
the decryption.

Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 78d979e0f298ab4f7d381d9131e60b64ec43f0f6..5e4bd8ba48d31971d965c65cb0eded864ca090f4 100644 (file)
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -948,7 +948,6 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
                         struct sk_buff *skb, struct strp_msg *rxm)
 {
        struct tls_offload_context_rx *ctx = tls_offload_ctx_rx(tls_ctx);
-       struct tls_msg *tlm = tls_msg(skb);
        int is_decrypted = skb->decrypted;
        int is_encrypted = !is_decrypted;
        struct sk_buff *skb_iter;
@@ -963,11 +962,9 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
                                   tls_ctx->rx.rec_seq, rxm->full_len,
                                   is_encrypted, is_decrypted);
 
-       tlm->decrypted |= is_decrypted;
-
        if (unlikely(test_bit(TLS_RX_DEV_DEGRADED, &tls_ctx->flags))) {
                if (likely(is_encrypted || is_decrypted))
-                       return 0;
+                       return is_decrypted;
 
                /* After tls_device_down disables the offload, the next SKB will
                 * likely have initial fragments decrypted, and final ones not
@@ -982,7 +979,7 @@ int tls_device_decrypted(struct sock *sk, struct tls_context *tls_ctx,
         */
        if (is_decrypted) {
                ctx->resync_nh_reset = 1;
-               return 0;
+               return is_decrypted;
        }
        if (is_encrypted) {
                tls_device_core_ctrl_rx_resync(tls_ctx, ctx, sk, skb);

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index e24aafb1d2898cab2c809e255c711bdc9ceee82e..3a0a120f9c56034b31e50a700ba78d82e397270a 100644 (file)
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1575,9 +1575,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
                err = tls_device_decrypted(sk, tls_ctx, skb, rxm);
                if (err < 0)
                        return err;
-
-               /* skip SW decryption if NIC handled it already */
-               if (tlm->decrypted) {
+               if (err > 0) {
+                       tlm->decrypted = 1;
                        *zc = false;
                        goto decrypt_done;
                }