* [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs
@ 2020-10-19 11:50 Vinay Kumar Yadav
2020-10-19 11:50 ` [PATCH net 1/6] chelsio/chtls: fix socket lock Vinay Kumar Yadav
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav
This series of patches fixes the following bugs in the chelsio inline tls driver.
Patch1: Fix incorrect socket lock.
Patch2: correct netdevice for vlan interface.
Patch3: Fix panic when server is listening on ipv6.
Patch4: Fix panic when listen on multiadapter.
Patch5: correct function return and return type.
Patch6: Fix writing freed memory.
Thanks,
Vinay
Vinay Kumar Yadav (6):
chelsio/chtls: fix socket lock
chelsio/chtls: correct netdevice for vlan interface
chelsio/chtls: fix panic when server is on ipv6
chelsio/chtls: Fix panic when listen on multiadapter
chelsio/chtls: correct function return and return type
chelsio/chtls: fix writing freed memory
.../chelsio/inline_crypto/chtls/chtls_cm.c | 19 +++++++++++++------
.../chelsio/inline_crypto/chtls/chtls_io.c | 5 +++--
2 files changed, 16 insertions(+), 8 deletions(-)
--
2.18.1
* [PATCH net 1/6] chelsio/chtls: fix socket lock
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav
In chtls_sendpage() socket lock is released but not acquired,
fix it by taking lock.
Fixes: 36bedb3f2e5b ("crypto: chtls - Inline TLS record Tx")
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
index 2e9acae1cba3..28c6c538032d 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
@@ -1240,6 +1240,7 @@ int chtls_sendpage(struct sock *sk, struct page *page,
copied = 0;
csk = rcu_dereference_sk_user_data(sk);
cdev = csk->cdev;
+ lock_sock(sk);
timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT);
err = sk_stream_wait_connect(sk, &timeo);
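Review bot: `lock_sock(sk)` is taken only after `csk = rcu_dereference_sk_user_data(sk)` and `cdev = csk->cdev` have already run, so those two reads happen outside the socket lock. If the socket's user data can change or be torn down under the lock, move `lock_sock(sk)` above the dereference. The commit message says the lock was being released without being acquired; it would help to name the release site and confirm that every exit path after this point, including an error return from `sk_stream_wait_connect()`, reaches it, since the hunk does not show those paths.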
--
2.18.1
* [PATCH net 2/6] chelsio/chtls: correct netdevice for vlan interface
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav, Venkatesh Ellapu
Check if netdevice is a vlan interface and find real vlan netdevice.
Fixes: cc35c88ae4db ("crypto : chtls - CPL handler definition")
Signed-off-by: Venkatesh Ellapu <venkatesh.e@chelsio.com>
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index 05520dccd906..2f9eceaf706d 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -1157,6 +1157,9 @@ static struct sock *chtls_recv_sock(struct sock *lsk,
ndev = n->dev;
if (!ndev)
goto free_dst;
+ if (is_vlan_dev(ndev))
+ ndev = vlan_dev_real_dev(ndev);
+
port_id = cxgb4_port_idx(ndev);
csk = chtls_sock_create(cdev);
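Review bot: the device returned by `vlan_dev_real_dev(ndev)` goes straight into `cxgb4_port_idx(ndev)` with no check that it is one of this adapter's ports. A VLAN configured on top of a device that does not belong to `cdev` would be treated as a cxgb4 port here. Consider comparing the result against `cdev->ports[]` and taking the `free_dst` path on a mismatch. The commit message would also benefit from stating what went wrong before the change rather than only what the code now does.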
--
2.18.1
* [PATCH net 3/6] chelsio/chtls: fix panic when server is on ipv6
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav, Venkatesh Ellapu
Netdev is filled in egress_dev when connection is established.
If connection is closed before establishment, then egress_dev
is NULL. Fix it using ip_dev_find() rather than extracting from
egress_dev.
Fixes: 6abde0b24122 ("crypto/chtls: IPv6 support for inline TLS")
Signed-off-by: Venkatesh Ellapu <venkatesh.e@chelsio.com>
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index 2f9eceaf706d..e46228ca49ad 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -736,14 +736,13 @@ void chtls_listen_stop(struct chtls_dev *cdev, struct sock *sk)
#if IS_ENABLED(CONFIG_IPV6)
if (sk->sk_family == PF_INET6) {
- struct chtls_sock *csk;
+ struct net_device *ndev = chtls_find_netdev(cdev, sk);
int addr_type = 0;
- csk = rcu_dereference_sk_user_data(sk);
addr_type = ipv6_addr_type((const struct in6_addr *)
&sk->sk_v6_rcv_saddr);
if (addr_type != IPV6_ADDR_ANY)
- cxgb4_clip_release(csk->egress_dev, (const u32 *)
+ cxgb4_clip_release(ndev, (const u32 *)
&sk->sk_v6_rcv_saddr, 1);
}
#endif
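Review bot: `chtls_find_netdev(cdev, sk)` is called in the declaration, before the `addr_type != IPV6_ADDR_ANY` test, and its result is passed to `cxgb4_clip_release(ndev, ...)` without a NULL check. The context lines of patch 4/6 show that `chtls_find_netdev()` already has a `return NULL;` path, and that patch adds another, so this call site trades one possible NULL (`csk->egress_dev`) for another. Suggest moving the lookup inside the `if (addr_type != IPV6_ADDR_ANY)` branch and skipping the release when `ndev` is NULL. The commit message also names ip_dev_find() while the code calls chtls_find_netdev(); worth reconciling the two.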
--
2.18.1
* [PATCH net 4/6] chelsio/chtls: Fix panic when listen on multiadapter
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav, Venkatesh Ellapu
Add the logic to compare net_device returned by ip_dev_find()
with the net_device list in cdev->ports[] array and return
net_device if matched else NULL.
Fixes: 6abde0b24122 ("crypto/chtls: IPv6 support for inline TLS")
Signed-off-by: Venkatesh Ellapu <venkatesh.e@chelsio.com>
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
.../ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index e46228ca49ad..bdb53fa41022 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -92,11 +92,13 @@ static void chtls_sock_release(struct kref *ref)
static struct net_device *chtls_find_netdev(struct chtls_dev *cdev,
struct sock *sk)
{
+ struct adapter *adap = pci_get_drvdata(cdev->pdev);
struct net_device *ndev = cdev->ports[0];
#if IS_ENABLED(CONFIG_IPV6)
struct net_device *temp;
int addr_type;
#endif
+ int i;
switch (sk->sk_family) {
case PF_INET:
@@ -127,8 +129,12 @@ static struct net_device *chtls_find_netdev(struct chtls_dev *cdev,
return NULL;
if (is_vlan_dev(ndev))
- return vlan_dev_real_dev(ndev);
- return ndev;
+ ndev = vlan_dev_real_dev(ndev);
+
+ for_each_port(adap, i)
+ if (cdev->ports[i] == ndev)
+ return ndev;
+ return NULL;
}
static void assign_rxopt(struct sock *sk, unsigned int opt)
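Review bot: the new `return NULL;` after the `for_each_port(adap, i)` loop widens the set of cases in which `chtls_find_netdev()` returns NULL, so every caller needs a NULL check; the `cxgb4_clip_release(ndev, ...)` call introduced in patch 3/6 has none. The commit message describes the added comparison but not which panic it fixes or how a device outside `cdev->ports[]` triggered it; one sentence on that would make the fix reviewable on its own. Style: the loop body spans two lines, so braces around the `if` would make it harder to misread.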
--
2.18.1
* [PATCH net 5/6] chelsio/chtls: correct function return and return type
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav
csk_mem_free() should return true if send buffer is available,
false otherwise.
Fixes: 3b8305f5c844 ("crypto: chtls - wait for memory sendmsg, sendpage")
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
index 28c6c538032d..9fb5ca6682ea 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
@@ -902,9 +902,9 @@ static int chtls_skb_copy_to_page_nocache(struct sock *sk,
return 0;
}
-static int csk_mem_free(struct chtls_dev *cdev, struct sock *sk)
+static bool csk_mem_free(struct chtls_dev *cdev, struct sock *sk)
{
- return (cdev->max_host_sndbuf - sk->sk_wmem_queued);
+ return (cdev->max_host_sndbuf - sk->sk_wmem_queued > 0);
}
static int csk_wait_memory(struct chtls_dev *cdev,
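Review bot: in the new return expression `cdev->max_host_sndbuf - sk->sk_wmem_queued > 0` the subtraction is still evaluated before the comparison, so the result depends on the operand types, which the hunk does not show. If the arithmetic ends up unsigned, a queue larger than the limit wraps to a large positive value and the function reports free space. Comparing directly, `return cdev->max_host_sndbuf > sk->sk_wmem_queued;`, sidesteps both the wraparound and the signed-overflow question and drops the redundant parentheses.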
--
2.18.1
* [PATCH net 6/6] chelsio/chtls: fix writing freed memory
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav
When chtls_sock *csk is freed, same memory can be allocated
to different csk in chtls_sock_create().
csk->cdev = NULL; statement might end up modifying wrong
csk, eventually causing kernel panic.
Removing (csk->cdev = NULL) statement as it is not required.
Fixes: 3a0a97838923 ("crypto/chtls: Fix chtls crash in connection cleanup")
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index bdb53fa41022..ec4f79049a06 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -483,7 +483,6 @@ void chtls_destroy_sock(struct sock *sk)
chtls_purge_write_queue(sk);
free_tls_keyid(sk);
kref_put(&csk->kref, chtls_sock_release);
- csk->cdev = NULL;
if (sk->sk_family == AF_INET)
sk->sk_prot = &tcp_prot;
#if IS_ENABLED(CONFIG_IPV6)
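Review bot: dropping `csk->cdev = NULL;` after `kref_put(&csk->kref, chtls_sock_release)` removes the write to possibly freed memory, but `sk` keeps whatever pointer it held to `csk`; nothing in the visible lines clears it. If any path can still reach the old csk through `sk` after this point it would read freed memory, so it is worth confirming that none can, or clearing the sk-side pointer before the `kref_put()`. The commit message says the assignment is "not required" without saying why 3a0a97838923 added it; a sentence on that would help anyone backporting the fix.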
--
2.18.1
* Re: [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs
From: Jakub Kicinski @ 2020-10-21 1:20 UTC (permalink / raw)
To: Vinay Kumar Yadav; +Cc: netdev, davem, secdev
On Mon, 19 Oct 2020 17:20:19 +0530 Vinay Kumar Yadav wrote:
> This series of patches fixes the following bugs in the chelsio inline tls driver.
>
> Patch1: Fix incorrect socket lock.
> Patch2: correct netdevice for vlan interface.
> Patch3: Fix panic when server is listening on ipv6.
> Patch4: Fix panic when listen on multiadapter.
> Patch5: correct function return and return type.
> Patch6: Fix writing freed memory.
Applied, thanks.