Skip to content
  • Vakul Garg's avatar
    tls: Add support for inplace records encryption · 4e6d4720
    Vakul Garg authored
    Presently, for non-zero copy case, separate pages are allocated for
    storing plaintext and encrypted text of records. These pages are stored
    in sg_plaintext_data and sg_encrypted_data scatterlists inside record
    structure. Further, sg_plaintext_data & sg_encrypted_data are passed
    to cryptoapis for record encryption. Allocating separate pages for
    plaintext and encrypted text is inefficient from both required memory
    and performance point of view.
    This patch adds support of inplace encryption of records. For non-zero
    copy case, we reuse the pages from sg_encrypted_data scatterlist to
    copy the application's plaintext data. For the movement of pages from
    sg_encrypted_data to sg_plaintext_data scatterlists, we introduce a new
    function move_to_plaintext_sg(). This function add pages into
    sg_plaintext_data from sg_encrypted_data scatterlists.
    tls_do_encryption() is modified to pass the same scatterlist as both
    source and destination into aead_request_set_crypt() if inplace crypto
    has been enabled. A new ariable 'inplace_crypto' has been introduced in
    record structure to signify whether the same scatterlist can be used.
    By default, the inplace_crypto is enabled in get_rec(). If zero-copy is
    used (i.e. plaintext data is not copied), inplace_crypto is set to '0'.
    Signed-off-by: default avatarVakul Garg <>
    Reviewed-by: default avatarDave Watson <>
    Signed-off-by: default avatarDavid S. Miller <>