From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: "Valentin Vidić" <vvidic@valentin-vidic.from.hr>
Cc: Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
Jakub Kicinski <jakub.kicinski@netronome.com>,
Boris Pismenny <borisp@mellanox.com>,
Aviad Yehezkel <aviadye@mellanox.com>,
John Fastabend <john.fastabend@gmail.com>,
Daniel Borkmann <daniel@iogearbox.net>,
"David S. Miller" <davem@davemloft.net>,
Network Development <netdev@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v3] net/tls: Fix return values to avoid ENOTSUPP
Date: Thu, 5 Dec 2019 16:26:14 -0500 [thread overview]
Message-ID: <CA+FuTSeu-ouuT37d9r40o62=_PcGBUmE_HaOAr9EsNPzpTw=ag@mail.gmail.com> (raw)
In-Reply-To: <20191205204343.GA20116@valentin-vidic.from.hr>
On Thu, Dec 5, 2019 at 3:44 PM Valentin Vidić
<vvidic@valentin-vidic.from.hr> wrote:
>
> On Thu, Dec 05, 2019 at 03:06:55PM -0500, Willem de Bruijn wrote:
> > On Thu, Dec 5, 2019 at 2:34 PM Jakub Kicinski
> > <jakub.kicinski@netronome.com> wrote:
> > >
> > > On Thu, 5 Dec 2019 07:41:18 +0100, Valentin Vidic wrote:
> > > > ENOTSUPP is not available in userspace, for example:
> > > >
> > > > setsockopt failed, 524, Unknown error 524
> > > >
> > > > Signed-off-by: Valentin Vidic <vvidic@valentin-vidic.from.hr>
> > >
> > > > diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
> > > > index 0683788bbef0..cd91ad812291 100644
> > > > --- a/net/tls/tls_device.c
> > > > +++ b/net/tls/tls_device.c
> > > > @@ -429,7 +429,7 @@ static int tls_push_data(struct sock *sk,
> > > >
> > > > if (flags &
> > > > ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL | MSG_SENDPAGE_NOTLAST))
> > > > - return -ENOTSUPP;
> > > > + return -EOPNOTSUPP;
> > > >
> > > > if (unlikely(sk->sk_err))
> > > > return -sk->sk_err;
> > > > @@ -571,7 +571,7 @@ int tls_device_sendpage(struct sock *sk, struct page *page,
> > > > lock_sock(sk);
> > > >
> > > > if (flags & MSG_OOB) {
> > > > - rc = -ENOTSUPP;
> > > > + rc = -EOPNOTSUPP;
> > >
> > > Perhaps the flag checks should return EINVAL? Willem any opinions?
> >
> > No strong opinion. Judging from do_tcp_sendpages MSG_OOB is a
> > supported flag in general for sendpage, so signaling that the TLS
> > variant cannot support that otherwise valid request sounds fine to me.
>
> I based these on the description from the sendmsg manpage, but you decide:
>
> EOPNOTSUPP
> Some bit in the flags argument is inappropriate for the socket type.
Interesting. That is a narrower interpretation than asm-generic/errno.h
#define EOPNOTSUPP 95 /* Operation not supported on
transport endpoint */
which is also the string that strerror() generates.
>
> > > > diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
> > > > index bdca31ffe6da..5830b8e02a36 100644
> > > > --- a/net/tls/tls_main.c
> > > > +++ b/net/tls/tls_main.c
> > > > @@ -496,7 +496,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
> > > > /* check version */
> > > > if (crypto_info->version != TLS_1_2_VERSION &&
> > > > crypto_info->version != TLS_1_3_VERSION) {
> > > > - rc = -ENOTSUPP;
> > > > + rc = -EINVAL;
> > >
> > > This one I think Willem asked to be EOPNOTSUPP OTOH.
> >
> > Indeed (assuming no one disagrees). Based on the same rationale: the
> > request may be valid, it just cannot be accommodated (yet).
>
> In this case other checks in the same function like crypto_info->cipher_type
> return EINVAL, so I used the same here.
That makes sense.
I think there is a fundamental difference between, say, passing an
argument of incorrect length (optlen < sizeof(..)) and asking for a
possibly unsupported cipher mode. But consistency trumps that.
I don't mean to drag this out by bike-shedding.
Happy to defer to maintainers on whether the errno on published code
can and should be changed, which is the more fundamental issue than
the exact errno.
FWIW, I also did not see existing openssl and gnutls callers test the
specific errno. The calls just fail on any setsockopt return value -1.
next prev parent reply other threads:[~2019-12-05 21:26 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-03 22:44 [PATCH] net/tls: Fix return values for setsockopt Valentin Vidic
2019-12-03 22:55 ` Jakub Kicinski
2019-12-04 18:29 ` [PATCH v2] " Valentin Vidic
2019-12-04 19:22 ` [PATCH] " Willem de Bruijn
2019-12-04 19:35 ` Jakub Kicinski
2019-12-04 20:43 ` Willem de Bruijn
2019-12-04 20:51 ` David Miller
2019-12-04 23:01 ` Jakub Kicinski
2019-12-05 0:55 ` David Miller
2019-12-05 6:41 ` [PATCH v3] net/tls: Fix return values to avoid ENOTSUPP Valentin Vidic
2019-12-05 19:34 ` Jakub Kicinski
2019-12-05 20:06 ` Willem de Bruijn
2019-12-05 20:43 ` Valentin Vidić
2019-12-05 20:45 ` Jakub Kicinski
2019-12-05 21:26 ` Willem de Bruijn [this message]
2019-12-05 23:08 ` Valentin Vidić
2019-12-07 4:17 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CA+FuTSeu-ouuT37d9r40o62=_PcGBUmE_HaOAr9EsNPzpTw=ag@mail.gmail.com' \
--to=willemdebruijn.kernel@gmail.com \
--cc=aviadye@mellanox.com \
--cc=borisp@mellanox.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=jakub.kicinski@netronome.com \
--cc=john.fastabend@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=vvidic@valentin-vidic.from.hr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.