diff options
| author | Dirk van der Merwe <dirk.vandermerwe@netronome.com> | 2019-06-05 14:11:40 -0700 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-06-06 14:13:40 -0700 |
| commit | b9727d7f957d68febb3b5f68d4be270ee6fb57e7 (patch) | |
| tree | 640ce3d4b2c51f8af8e4047d32caf532da86d423 /include/net | |
| parent | 2e361176ea01c4b2f90b17c2264a2a794050c3f3 (diff) | |
net/tls: export TLS per skb encryption
While offloading TLS connections, drivers need to handle the case where
out of order packets need to be transmitted.
Other drivers obtain the entire TLS record for the specific skb to
provide as context to hardware for encryption. However, other designs
may also want to keep the hardware state intact and perform the
out of order encryption entirely on the host.
To achieve this, export the already existing software encryption
fallback path so drivers could access this.
Signed-off-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/tls.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/net/tls.h b/include/net/tls.h index 3da0d941e729..d1a4f365d6be 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -590,6 +590,7 @@ void tls_unregister_device(struct tls_device *device); int tls_device_decrypted(struct sock *sk, struct sk_buff *skb); int decrypt_skb(struct sock *sk, struct sk_buff *skb, struct scatterlist *sgout); +struct sk_buff *tls_encrypt_skb(struct sk_buff *skb); struct sk_buff *tls_validate_xmit_skb(struct sock *sk, struct net_device *dev, |