Commit 72fb59c7 authored by Boris Pismenny's avatar Boris Pismenny Committed by Matt Caswell
Browse files

Linux ktls sendfile 



This commit introduces support for Linux KTLS sendfile.
Sendfile semantics require the use of a kernel TLS socket to construct the TLS
record headers, encrypt and authenticate the data.
KTLS sendfile improves performance by avoiding the copy of file data into user
space, which is required today.

Signed-off-by: default avatarBoris Pismenny <borisp@mellanox.com>

Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8727)
parent 260a16f3

include/internal/ktls.h

+15 −0
Original line number Diff line number Diff line
@@ -73,8 +73,14 @@ static ossl_inline int ktls_read_record(int fd, void *data, size_t length) 
    return -1;

}



static ossl_inline ossl_ssize_t ktls_sendfile(int s, int fd, off_t off, size_t size, int flags)

{

    return -1;

}



#   else                        /* KERNEL_VERSION */



#    include <sys/sendfile.h>

#    include <netinet/tcp.h>

#    include <linux/tls.h>

#    include <linux/socket.h>
@@ -158,6 +164,15 @@ static ossl_inline int ktls_send_ctrl_message(int fd, unsigned char record_type, 
    return sendmsg(fd, &msg, 0);

}



/*

 * KTLS enables the sendfile system call to send data from a file over TLS.

 * @flags are ignored on Linux. (placeholder for FreeBSD sendfile)

 * */

static ossl_inline ossl_ssize_t ktls_sendfile(int s, int fd, off_t off, size_t size, int flags)

{

    return sendfile(s, fd, &off, size);

}



#    define K_MIN1_RX  17

#    if LINUX_VERSION_CODE < KERNEL_VERSION(K_MAJ, K_MIN1_RX, K_MIN2)