From: Chuck Lever Each record release via tls_strp_msg_done() triggers tls_strp_check_rcv(), which calls tls_rx_msg_ready() and fires saved_data_ready(). During a multi-record receive, the first N-1 wakeups are pure overhead: the caller is already running and will pick up subsequent records on the next loop iteration. On the splice_read path the per-record wakeup is similarly unnecessary because the caller still holds the socket lock. Replace tls_strp_msg_done() with tls_strp_msg_release() in all three receive paths (read_sock, recvmsg, splice_read), deferring the tls_strp_check_rcv() call to each path's exit point. Factor tls_rx_msg_ready() out of tls_strp_read_sock() so that parsing a record no longer fires the callback directly, and add a @wake parameter to tls_strp_check_rcv() so callers can parse queued data without notifying. With no remaining callers, tls_strp_msg_done() and its wrapper tls_rx_rec_done() are removed. Acked-by: Alistair Francis Reviewed-by: Hannes Reinecke Signed-off-by: Chuck Lever --- net/tls/tls.h | 3 +-- net/tls/tls_main.c | 2 +- net/tls/tls_strp.c | 35 +++++++++++++++++++++-------------- net/tls/tls_sw.c | 22 +++++++++++++++------- 4 files changed, 38 insertions(+), 24 deletions(-) diff --git a/net/tls/tls.h b/net/tls/tls.h index a97f1acef31d..f41dac6305f4 100644 --- a/net/tls/tls.h +++ b/net/tls/tls.h @@ -192,9 +192,8 @@ void tls_strp_stop(struct tls_strparser *strp); int tls_strp_init(struct tls_strparser *strp, struct sock *sk); void tls_strp_data_ready(struct tls_strparser *strp); -void tls_strp_check_rcv(struct tls_strparser *strp); +void tls_strp_check_rcv(struct tls_strparser *strp, bool wake); void tls_strp_msg_release(struct tls_strparser *strp); -void tls_strp_msg_done(struct tls_strparser *strp); int tls_rx_msg_size(struct tls_strparser *strp, struct sk_buff *skb); void tls_rx_msg_ready(struct tls_strparser *strp); diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index fd39acf41a61..c10a3fd7fc17 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -769,7 +769,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, sockptr_t optval, } else { struct tls_sw_context_rx *rx_ctx = tls_sw_ctx_rx(ctx); - tls_strp_check_rcv(&rx_ctx->strp); + tls_strp_check_rcv(&rx_ctx->strp, true); } return 0; diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index a7648ebde162..b0b2ca92fa99 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -368,7 +368,6 @@ static int tls_strp_copyin(read_descriptor_t *desc, struct sk_buff *in_skb, desc->count = 0; WRITE_ONCE(strp->msg_ready, 1); - tls_rx_msg_ready(strp); } return ret; @@ -539,18 +538,32 @@ static int tls_strp_read_sock(struct tls_strparser *strp) return tls_strp_read_copy(strp, false); WRITE_ONCE(strp->msg_ready, 1); - tls_rx_msg_ready(strp); return 0; } -void tls_strp_check_rcv(struct tls_strparser *strp) +/** + * tls_strp_check_rcv - parse queued data and optionally notify + * @strp: TLS stream parser instance + * @wake: if true, fire consumer notification when a message is ready + * + * When @wake is false, queued data is parsed without consumer + * notification. A subsequent call with @wake set to true is + * required before the socket lock is released; otherwise queued + * data stalls until the next tls_strp_data_ready() event. + */ +void tls_strp_check_rcv(struct tls_strparser *strp, bool wake) { - if (unlikely(strp->stopped) || strp->msg_ready) + if (unlikely(strp->stopped)) return; - if (tls_strp_read_sock(strp) == -ENOMEM) - queue_work(tls_strp_wq, &strp->work); + if (!strp->msg_ready) { + if (tls_strp_read_sock(strp) == -ENOMEM) + queue_work(tls_strp_wq, &strp->work); + } + + if (wake && strp->msg_ready) + tls_rx_msg_ready(strp); } /* Lower sock lock held */ @@ -568,7 +581,7 @@ void tls_strp_data_ready(struct tls_strparser *strp) return; } - tls_strp_check_rcv(strp); + tls_strp_check_rcv(strp, true); } static void tls_strp_work(struct work_struct *w) @@ -577,7 +590,7 @@ static void tls_strp_work(struct work_struct *w) container_of(w, struct tls_strparser, work); lock_sock(strp->sk); - tls_strp_check_rcv(strp); + tls_strp_check_rcv(strp, true); release_sock(strp->sk); } @@ -603,12 +616,6 @@ void tls_strp_msg_release(struct tls_strparser *strp) memset(&strp->stm, 0, sizeof(strp->stm)); } -void tls_strp_msg_done(struct tls_strparser *strp) -{ - tls_strp_msg_release(strp); - tls_strp_check_rcv(strp); -} - void tls_strp_stop(struct tls_strparser *strp) { strp->stopped = 1; diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 5fdd43a55f1e..8fb2f2a93846 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1373,7 +1373,11 @@ tls_rx_rec_wait(struct sock *sk, struct sk_psock *psock, bool nonblock, return ret; if (!skb_queue_empty(&sk->sk_receive_queue)) { - tls_strp_check_rcv(&ctx->strp); + /* Defer notification to the exit point; + * this thread will consume the record + * directly. + */ + tls_strp_check_rcv(&ctx->strp, false); if (tls_strp_msg_ready(ctx)) break; } @@ -1859,9 +1863,9 @@ static int tls_record_content_type(struct msghdr *msg, struct tls_msg *tlm, return 1; } -static void tls_rx_rec_done(struct tls_sw_context_rx *ctx) +static void tls_rx_rec_release(struct tls_sw_context_rx *ctx) { - tls_strp_msg_done(&ctx->strp); + tls_strp_msg_release(&ctx->strp); } /* This function traverses the rx_list in tls receive context to copies the @@ -2142,7 +2146,7 @@ int tls_sw_recvmsg(struct sock *sk, err = tls_record_content_type(msg, tls_msg(darg.skb), &control); if (err <= 0) { DEBUG_NET_WARN_ON_ONCE(darg.zc); - tls_rx_rec_done(ctx); + tls_rx_rec_release(ctx); put_on_rx_list_err: __skb_queue_tail(&ctx->rx_list, darg.skb); goto recv_end; @@ -2156,7 +2160,8 @@ int tls_sw_recvmsg(struct sock *sk, /* TLS 1.3 may have updated the length by more than overhead */ rxm = strp_msg(darg.skb); chunk = rxm->full_len; - tls_rx_rec_done(ctx); + tls_rx_rec_release(ctx); + tls_strp_check_rcv(&ctx->strp, false); if (!darg.zc) { bool partially_consumed = chunk > len; @@ -2250,6 +2255,7 @@ int tls_sw_recvmsg(struct sock *sk, copied += decrypted; end: + tls_strp_check_rcv(&ctx->strp, true); tls_rx_reader_unlock(sk, ctx); if (psock) sk_psock_put(sk, psock); @@ -2290,7 +2296,7 @@ ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos, if (err < 0) goto splice_read_end; - tls_rx_rec_done(ctx); + tls_rx_rec_release(ctx); skb = darg.skb; } @@ -2317,6 +2323,7 @@ ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos, consume_skb(skb); splice_read_end: + tls_strp_check_rcv(&ctx->strp, true); tls_rx_reader_unlock(sk, ctx); return copied ? : err; @@ -2382,7 +2389,7 @@ int tls_sw_read_sock(struct sock *sk, read_descriptor_t *desc, tlm = tls_msg(skb); decrypted += rxm->full_len; - tls_rx_rec_done(ctx); + tls_rx_rec_release(ctx); } /* read_sock does not support reading control messages */ @@ -2412,6 +2419,7 @@ int tls_sw_read_sock(struct sock *sk, read_descriptor_t *desc, } read_sock_end: + tls_strp_check_rcv(&ctx->strp, true); tls_rx_reader_release(sk, ctx); return copied ? : err; -- 2.53.0