* [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs
@ 2020-10-19 11:50 Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 1/6] chelsio/chtls: fix socket lock Vinay Kumar Yadav
                   ` (6 more replies)
  0 siblings, 7 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav

This series of patches fixes the following bugs in the chelsio inline tls driver.

Patch1: Fix incorrect socket lock.
Patch2: correct netdevice for vlan interface.
Patch3: Fix panic when server is listening on ipv6.
Patch4: Fix panic when listen on multiadapter.
Patch5: correct function return and return type.
Patch6: Fix writing freed memory.

Thanks,
Vinay

Vinay Kumar Yadav (6):
  chelsio/chtls: fix socket lock
  chelsio/chtls: correct netdevice for vlan interface
  chelsio/chtls: fix panic when server is on ipv6
  chelsio/chtls: Fix panic when listen on multiadapter
  chelsio/chtls: correct function return and return type
  chelsio/chtls: fix writing freed memory

 .../chelsio/inline_crypto/chtls/chtls_cm.c    | 19 +++++++++++++------
 .../chelsio/inline_crypto/chtls/chtls_io.c    |  5 +++--
 2 files changed, 16 insertions(+), 8 deletions(-)

-- 
2.18.1



* [PATCH net 1/6] chelsio/chtls: fix socket lock
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
@ 2020-10-19 11:50 ` Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 2/6] chelsio/chtls: correct netdevice for vlan interface Vinay Kumar Yadav
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav

In chtls_sendpage() the socket lock is released but not acquired;
fix it by taking the lock.

Fixes: 36bedb3f2e5b ("crypto: chtls - Inline TLS record Tx")
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
 drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
index 2e9acae1cba3..28c6c538032d 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
@@ -1240,6 +1240,7 @@ int chtls_sendpage(struct sock *sk, struct page *page,
 	copied = 0;
 	csk = rcu_dereference_sk_user_data(sk);
 	cdev = csk->cdev;
+	lock_sock(sk);
 	timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT);
 
 	err = sk_stream_wait_connect(sk, &timeo);
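
Review bot: In chtls_sendpage() the new lock_sock(sk) is taken after `csk = rcu_dereference_sk_user_data(sk)` and `cdev = csk->cdev`, so both reads still run without the socket lock. If sk_user_data can change while another context holds the lock, move lock_sock(sk) above the dereference, or state in the commit message why the unlocked reads are safe. Since sk_stream_wait_connect() on the following line can fail straight away, please also confirm that its error path reaches the release the commit message refers to, so the lock taken here is always dropped.
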
-- 
2.18.1



* [PATCH net 2/6] chelsio/chtls: correct netdevice for vlan interface
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 1/6] chelsio/chtls: fix socket lock Vinay Kumar Yadav
@ 2020-10-19 11:50 ` Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 3/6] chelsio/chtls: fix panic when server is on ipv6 Vinay Kumar Yadav
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav, Venkatesh Ellapu

Check if netdevice is a vlan interface and find real vlan netdevice.

Fixes: cc35c88ae4db ("crypto : chtls - CPL handler definition")
Signed-off-by: Venkatesh Ellapu <venkatesh.e@chelsio.com>
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
 drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index 05520dccd906..2f9eceaf706d 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -1157,6 +1157,9 @@ static struct sock *chtls_recv_sock(struct sock *lsk,
 	ndev = n->dev;
 	if (!ndev)
 		goto free_dst;
+	if (is_vlan_dev(ndev))
+		ndev = vlan_dev_real_dev(ndev);
+
 	port_id = cxgb4_port_idx(ndev);
 
 	csk = chtls_sock_create(cdev);
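
Review bot: After the is_vlan_dev() branch in chtls_recv_sock(), nothing checks that the device returned by vlan_dev_real_dev(ndev) is one of this adapter's ports before it is handed to cxgb4_port_idx(ndev). A VLAN stacked on a device that is not a cxgb4 port would reach cxgb4_port_idx() with a foreign netdev. Consider validating ndev against cdev->ports[] here, as patch 4/6 does in chtls_find_netdev(), and leaving through free_dst on a mismatch. The commit message would also be easier to review if it stated the symptom seen on VLAN interfaces.
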
-- 
2.18.1



* [PATCH net 3/6] chelsio/chtls: fix panic when server is on ipv6
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 1/6] chelsio/chtls: fix socket lock Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 2/6] chelsio/chtls: correct netdevice for vlan interface Vinay Kumar Yadav
@ 2020-10-19 11:50 ` Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 4/6] chelsio/chtls: Fix panic when listen on multiadapter Vinay Kumar Yadav
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav, Venkatesh Ellapu

Netdev is filled in egress_dev when the connection is established.
If the connection is closed before establishment, then egress_dev
is NULL. Fix it by using ip_dev_find() rather than extracting from
egress_dev.

Fixes: 6abde0b24122 ("crypto/chtls: IPv6 support for inline TLS")
Signed-off-by: Venkatesh Ellapu <venkatesh.e@chelsio.com>
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
 drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index 2f9eceaf706d..e46228ca49ad 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -736,14 +736,13 @@ void chtls_listen_stop(struct chtls_dev *cdev, struct sock *sk)
 
 #if IS_ENABLED(CONFIG_IPV6)
 	if (sk->sk_family == PF_INET6) {
-		struct chtls_sock *csk;
+		struct net_device *ndev = chtls_find_netdev(cdev, sk);
 		int addr_type = 0;
 
-		csk = rcu_dereference_sk_user_data(sk);
 		addr_type = ipv6_addr_type((const struct in6_addr *)
 					  &sk->sk_v6_rcv_saddr);
 		if (addr_type != IPV6_ADDR_ANY)
-			cxgb4_clip_release(csk->egress_dev, (const u32 *)
+			cxgb4_clip_release(ndev, (const u32 *)
 					   &sk->sk_v6_rcv_saddr, 1);
 	}
 #endif
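
Review bot: ndev in the PF_INET6 branch of chtls_listen_stop() is passed to cxgb4_clip_release() without a NULL check, yet chtls_find_netdev() has a `return NULL` path (visible as context in patch 4/6, which adds a second one). Guard the call, for example `if (ndev && addr_type != IPV6_ADDR_ANY)`. The commit message also says the fix uses ip_dev_find(), while the code calls chtls_find_netdev(); naming the helper that is actually called would avoid confusion.
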
-- 
2.18.1



* [PATCH net 4/6] chelsio/chtls: Fix panic when listen on multiadapter
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
                   ` (2 preceding siblings ...)
  2020-10-19 11:50 ` [PATCH net 3/6] chelsio/chtls: fix panic when server is on ipv6 Vinay Kumar Yadav
@ 2020-10-19 11:50 ` Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 5/6] chelsio/chtls: correct function return and return type Vinay Kumar Yadav
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav, Venkatesh Ellapu

Add the logic to compare net_device returned by ip_dev_find()
with the net_device list in cdev->ports[] array and return
net_device if matched else NULL.

Fixes: 6abde0b24122 ("crypto/chtls: IPv6 support for inline TLS")
Signed-off-by: Venkatesh Ellapu <venkatesh.e@chelsio.com>
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
 .../ethernet/chelsio/inline_crypto/chtls/chtls_cm.c    | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index e46228ca49ad..bdb53fa41022 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -92,11 +92,13 @@ static void chtls_sock_release(struct kref *ref)
 static struct net_device *chtls_find_netdev(struct chtls_dev *cdev,
 					    struct sock *sk)
 {
+	struct adapter *adap = pci_get_drvdata(cdev->pdev);
 	struct net_device *ndev = cdev->ports[0];
 #if IS_ENABLED(CONFIG_IPV6)
 	struct net_device *temp;
 	int addr_type;
 #endif
+	int i;
 
 	switch (sk->sk_family) {
 	case PF_INET:
@@ -127,8 +129,12 @@ static struct net_device *chtls_find_netdev(struct chtls_dev *cdev,
 		return NULL;
 
 	if (is_vlan_dev(ndev))
-		return vlan_dev_real_dev(ndev);
-	return ndev;
+		ndev = vlan_dev_real_dev(ndev);
+
+	for_each_port(adap, i)
+		if (cdev->ports[i] == ndev)
+			return ndev;
+	return NULL;
 }
 
 static void assign_rxopt(struct sock *sk, unsigned int opt)
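
Review bot: The new trailing `return NULL` in chtls_find_netdev() changes what callers can expect: a device that was resolved but is not in cdev->ports[] now yields NULL instead of a usable pointer. Please add a short comment above the function documenting that, and confirm each caller handles NULL. As a style point, the for_each_port() loop has a multi-line body (the `if` and its `return`), so it should carry braces.
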
-- 
2.18.1



* [PATCH net 5/6] chelsio/chtls: correct function return and return type
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
                   ` (3 preceding siblings ...)
  2020-10-19 11:50 ` [PATCH net 4/6] chelsio/chtls: Fix panic when listen on multiadapter Vinay Kumar Yadav
@ 2020-10-19 11:50 ` Vinay Kumar Yadav
  2020-10-19 11:50 ` [PATCH net 6/6] chelsio/chtls: fix writing freed memory Vinay Kumar Yadav
  2020-10-21  1:20 ` [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Jakub Kicinski
  6 siblings, 0 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav

csk_mem_free() should return true if send buffer is available,
false otherwise.

Fixes: 3b8305f5c844 ("crypto: chtls - wait for memory sendmsg, sendpage")
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
 drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
index 28c6c538032d..9fb5ca6682ea 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_io.c
@@ -902,9 +902,9 @@ static int chtls_skb_copy_to_page_nocache(struct sock *sk,
 	return 0;
 }
 
-static int csk_mem_free(struct chtls_dev *cdev, struct sock *sk)
+static bool csk_mem_free(struct chtls_dev *cdev, struct sock *sk)
 {
-	return (cdev->max_host_sndbuf - sk->sk_wmem_queued);
+	return (cdev->max_host_sndbuf - sk->sk_wmem_queued > 0);
 }
 
 static int csk_wait_memory(struct chtls_dev *cdev,
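
Review bot: In csk_mem_free() the result still depends on the type of `cdev->max_host_sndbuf - sk->sk_wmem_queued`. If max_host_sndbuf is an unsigned type (its declaration is not part of this hunk), the subtraction wraps instead of going negative and `> 0` evaluates true even when sk_wmem_queued exceeds the limit. Comparing the operands directly, `return cdev->max_host_sndbuf > sk->sk_wmem_queued;`, avoids the wrap and also drops the unneeded parentheses around the return expression.
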
-- 
2.18.1



* [PATCH net 6/6] chelsio/chtls: fix writing freed memory
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
                   ` (4 preceding siblings ...)
  2020-10-19 11:50 ` [PATCH net 5/6] chelsio/chtls: correct function return and return type Vinay Kumar Yadav
@ 2020-10-19 11:50 ` Vinay Kumar Yadav
  2020-10-21  1:20 ` [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Jakub Kicinski
  6 siblings, 0 replies; 8+ messages in thread
From: Vinay Kumar Yadav @ 2020-10-19 11:50 UTC (permalink / raw)
  To: netdev, davem, kuba; +Cc: secdev, Vinay Kumar Yadav

When chtls_sock *csk is freed, the same memory can be allocated
to a different csk in chtls_sock_create().
The csk->cdev = NULL; statement might end up modifying the wrong
csk, eventually causing a kernel panic.
Remove the (csk->cdev = NULL) statement as it is not required.

Fixes: 3a0a97838923 ("crypto/chtls: Fix chtls crash in connection cleanup")
Signed-off-by: Vinay Kumar Yadav <vinay.yadav@chelsio.com>
---
 drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
index bdb53fa41022..ec4f79049a06 100644
--- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
+++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
@@ -483,7 +483,6 @@ void chtls_destroy_sock(struct sock *sk)
 	chtls_purge_write_queue(sk);
 	free_tls_keyid(sk);
 	kref_put(&csk->kref, chtls_sock_release);
-	csk->cdev = NULL;
 	if (sk->sk_family == AF_INET)
 		sk->sk_prot = &tcp_prot;
 #if IS_ENABLED(CONFIG_IPV6)
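
Review bot: The commit message says the `csk->cdev = NULL` store after kref_put() in chtls_destroy_sock() "is not required" but does not say why. The Fixes: tag points at 3a0a97838923, so some path presumably relied on seeing a NULL cdev. Please name that reader in the commit message and explain why it no longer needs the marker. If it still does, the store should move before `kref_put(&csk->kref, chtls_sock_release)` rather than be dropped. The remaining lines in the hunk only touch sk, which is consistent with csk not being used after the put.
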
-- 
2.18.1



* Re: [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs
  2020-10-19 11:50 [PATCH net 0/6] chelsio/chtls: Fix inline tls bugs Vinay Kumar Yadav
                   ` (5 preceding siblings ...)
  2020-10-19 11:50 ` [PATCH net 6/6] chelsio/chtls: fix writing freed memory Vinay Kumar Yadav
@ 2020-10-21  1:20 ` Jakub Kicinski
  6 siblings, 0 replies; 8+ messages in thread
From: Jakub Kicinski @ 2020-10-21  1:20 UTC (permalink / raw)
  To: Vinay Kumar Yadav; +Cc: netdev, davem, secdev

On Mon, 19 Oct 2020 17:20:19 +0530 Vinay Kumar Yadav wrote:
> This series of patches fixes the following bugs in the chelsio inline tls driver.
> 
> Patch1: Fix incorrect socket lock.
> Patch2: correct netdevice for vlan interface.
> Patch3: Fix panic when server is listening on ipv6.
> Patch4: Fix panic when listen on multiadapter.
> Patch5: correct function return and return type.
> Patch6: Fix writing freed memory.

Applied, thanks.
