On 7/29/25 11:41, Wilfred Mallawa wrote:
From: Wilfred Mallawa <redacted>
Currently, for tls_sw, the kernel uses the default 16K
TLS_MAX_PAYLOAD_SIZE for records. However, if an endpoint has specified
a record size much lower than that, it is currently not respected.
Remove "much". Lower is lower and we have to respect it, even if it is 1B.
This patch adds support to using the record size limit specified by an
endpoint if it has been set.
s/to using/for using
Signed-off-by: Wilfred Mallawa <redacted>
quoted hunk ↗ jump to hunk
@@ -1045,6 +1046,13 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
}
}
+ if (tls_ctx->tls_record_size_limit > 0) {
+ tls_record_size_limit = min(tls_ctx->tls_record_size_limit,
+ TLS_MAX_PAYLOAD_SIZE);
+ } else {
+ tls_record_size_limit = TLS_MAX_PAYLOAD_SIZE;
+ }
You can simplify this with:
tls_record_size_limit =
min_not_zero(tls_ctx->tls_record_size_limit,
TLS_MAX_PAYLOAD_SIZE);
quoted hunk ↗ jump to hunk
+
while (msg_data_left(msg)) {
if (sk->sk_err) {
ret = -sk->sk_err;@@ -1066,7 +1074,7 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
orig_size = msg_pl->sg.size;
full_record = false;
try_to_copy = msg_data_left(msg);
- record_room = TLS_MAX_PAYLOAD_SIZE - msg_pl->sg.size;
+ record_room = tls_record_size_limit - msg_pl->sg.size;
if (try_to_copy >= record_room) {
try_to_copy = record_room;
full_record = true;
--
Damien Le Moal
Western Digital Research