Merge branch 'net-tls-fix-encryption-error-path'
Vadim Fedorenko says: ==================== net/tls: fix encryption error path The problem with data stream corruption was found in KTLS transmit path with small socket send buffers and large amount of data. bpf_exec_tx_verdict() frees open record on any type of error including EAGAIN, ENOMEM and ENOSPC while callers are able to recover this transient errors. Also wrong error code was returned to user space in that case. This patchset fixes the problems. ==================== Acked-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller
commit
a553461700
|
|
@ -780,7 +780,7 @@ static int tls_push_record(struct sock *sk, int flags,
|
||||||
|
|
||||||
static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
|
static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
|
||||||
bool full_record, u8 record_type,
|
bool full_record, u8 record_type,
|
||||||
size_t *copied, int flags)
|
ssize_t *copied, int flags)
|
||||||
{
|
{
|
||||||
struct tls_context *tls_ctx = tls_get_ctx(sk);
|
struct tls_context *tls_ctx = tls_get_ctx(sk);
|
||||||
struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
|
struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
|
||||||
|
|
@ -796,9 +796,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
|
||||||
psock = sk_psock_get(sk);
|
psock = sk_psock_get(sk);
|
||||||
if (!psock || !policy) {
|
if (!psock || !policy) {
|
||||||
err = tls_push_record(sk, flags, record_type);
|
err = tls_push_record(sk, flags, record_type);
|
||||||
if (err && err != -EINPROGRESS) {
|
if (err && sk->sk_err == EBADMSG) {
|
||||||
*copied -= sk_msg_free(sk, msg);
|
*copied -= sk_msg_free(sk, msg);
|
||||||
tls_free_open_rec(sk);
|
tls_free_open_rec(sk);
|
||||||
|
err = -sk->sk_err;
|
||||||
}
|
}
|
||||||
if (psock)
|
if (psock)
|
||||||
sk_psock_put(sk, psock);
|
sk_psock_put(sk, psock);
|
||||||
|
|
@ -824,9 +825,10 @@ more_data:
|
||||||
switch (psock->eval) {
|
switch (psock->eval) {
|
||||||
case __SK_PASS:
|
case __SK_PASS:
|
||||||
err = tls_push_record(sk, flags, record_type);
|
err = tls_push_record(sk, flags, record_type);
|
||||||
if (err && err != -EINPROGRESS) {
|
if (err && sk->sk_err == EBADMSG) {
|
||||||
*copied -= sk_msg_free(sk, msg);
|
*copied -= sk_msg_free(sk, msg);
|
||||||
tls_free_open_rec(sk);
|
tls_free_open_rec(sk);
|
||||||
|
err = -sk->sk_err;
|
||||||
goto out_err;
|
goto out_err;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
@ -916,7 +918,8 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
|
||||||
unsigned char record_type = TLS_RECORD_TYPE_DATA;
|
unsigned char record_type = TLS_RECORD_TYPE_DATA;
|
||||||
bool is_kvec = iov_iter_is_kvec(&msg->msg_iter);
|
bool is_kvec = iov_iter_is_kvec(&msg->msg_iter);
|
||||||
bool eor = !(msg->msg_flags & MSG_MORE);
|
bool eor = !(msg->msg_flags & MSG_MORE);
|
||||||
size_t try_to_copy, copied = 0;
|
size_t try_to_copy;
|
||||||
|
ssize_t copied = 0;
|
||||||
struct sk_msg *msg_pl, *msg_en;
|
struct sk_msg *msg_pl, *msg_en;
|
||||||
struct tls_rec *rec;
|
struct tls_rec *rec;
|
||||||
int required_size;
|
int required_size;
|
||||||
|
|
@ -1118,7 +1121,7 @@ send_end:
|
||||||
|
|
||||||
release_sock(sk);
|
release_sock(sk);
|
||||||
mutex_unlock(&tls_ctx->tx_lock);
|
mutex_unlock(&tls_ctx->tx_lock);
|
||||||
return copied ? copied : ret;
|
return copied > 0 ? copied : ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
|
static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
|
||||||
|
|
@ -1132,7 +1135,7 @@ static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
|
||||||
struct sk_msg *msg_pl;
|
struct sk_msg *msg_pl;
|
||||||
struct tls_rec *rec;
|
struct tls_rec *rec;
|
||||||
int num_async = 0;
|
int num_async = 0;
|
||||||
size_t copied = 0;
|
ssize_t copied = 0;
|
||||||
bool full_record;
|
bool full_record;
|
||||||
int record_room;
|
int record_room;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
@ -1234,7 +1237,7 @@ wait_for_memory:
|
||||||
}
|
}
|
||||||
sendpage_end:
|
sendpage_end:
|
||||||
ret = sk_stream_error(sk, flags, ret);
|
ret = sk_stream_error(sk, flags, ret);
|
||||||
return copied ? copied : ret;
|
return copied > 0 ? copied : ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
int tls_sw_sendpage_locked(struct sock *sk, struct page *page,
|
int tls_sw_sendpage_locked(struct sock *sk, struct page *page,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue