netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH net v2] tls: Skip tls_append_frag on zero copy size
@ 2022-04-26 15:49 Maxim Mikityanskiy
  2022-04-26 18:24 ` Jakub Kicinski
  2022-04-27 22:40 ` patchwork-bot+netdevbpf
  0 siblings, 2 replies; 3+ messages in thread
From: Maxim Mikityanskiy @ 2022-04-26 15:49 UTC (permalink / raw)
  To: Boris Pismenny, John Fastabend, Daniel Borkmann, Jakub Kicinski
  Cc: David S. Miller, Paolo Abeni, Tariq Toukan, Aviad Yehezkel,
	netdev, Maxim Mikityanskiy

Calling tls_append_frag when max_open_record_len == record->len might
add an empty fragment to the TLS record if the call happens to be on the
page boundary. Normally tls_append_frag coalesces the zero-sized
fragment to the previous one, but not if it's on page boundary.

If a resync happens then, the mlx5 driver posts dump WQEs in
tx_post_resync_dump, and the empty fragment may become a data segment
with byte_count == 0, which will confuse the NIC and lead to a CQE
error.

This commit fixes the described issue by skipping tls_append_frag on
zero size to avoid adding empty fragments. The fix is not in the driver,
because an empty fragment is hardly the desired behavior.

Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure")
Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com>
Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
---
 net/tls/tls_device.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 12f7b56771d9..af875ad4a822 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -483,11 +483,13 @@ static int tls_push_data(struct sock *sk,
 		copy = min_t(size_t, size, (pfrag->size - pfrag->offset));
 		copy = min_t(size_t, copy, (max_open_record_len - record->len));
 
-		rc = tls_device_copy_data(page_address(pfrag->page) +
-					  pfrag->offset, copy, msg_iter);
-		if (rc)
-			goto handle_error;
-		tls_append_frag(record, pfrag, copy);
+		if (copy) {
+			rc = tls_device_copy_data(page_address(pfrag->page) +
+						  pfrag->offset, copy, msg_iter);
+			if (rc)
+				goto handle_error;
+			tls_append_frag(record, pfrag, copy);
+		}
 
 		size -= copy;
 		if (!size) {
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH net v2] tls: Skip tls_append_frag on zero copy size
  2022-04-26 15:49 [PATCH net v2] tls: Skip tls_append_frag on zero copy size Maxim Mikityanskiy
@ 2022-04-26 18:24 ` Jakub Kicinski
  2022-04-27 22:40 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 3+ messages in thread
From: Jakub Kicinski @ 2022-04-26 18:24 UTC (permalink / raw)
  To: Maxim Mikityanskiy
  Cc: Boris Pismenny, John Fastabend, Daniel Borkmann, David S. Miller,
	Paolo Abeni, Tariq Toukan, Aviad Yehezkel, netdev

On Tue, 26 Apr 2022 18:49:49 +0300 Maxim Mikityanskiy wrote:
> Calling tls_append_frag when max_open_record_len == record->len might
> add an empty fragment to the TLS record if the call happens to be on the
> page boundary. Normally tls_append_frag coalesces the zero-sized
> fragment to the previous one, but not if it's on page boundary.
> 
> If a resync happens then, the mlx5 driver posts dump WQEs in
> tx_post_resync_dump, and the empty fragment may become a data segment
> with byte_count == 0, which will confuse the NIC and lead to a CQE
> error.
> 
> This commit fixes the described issue by skipping tls_append_frag on
> zero size to avoid adding empty fragments. The fix is not in the driver,
> because an empty fragment is hardly the desired behavior.
> 
> Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure")
> Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com>
> Reviewed-by: Tariq Toukan <tariqt@nvidia.com>

Acked-by: Jakub Kicinski <kuba@kernel.org>

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH net v2] tls: Skip tls_append_frag on zero copy size
  2022-04-26 15:49 [PATCH net v2] tls: Skip tls_append_frag on zero copy size Maxim Mikityanskiy
  2022-04-26 18:24 ` Jakub Kicinski
@ 2022-04-27 22:40 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 3+ messages in thread
From: patchwork-bot+netdevbpf @ 2022-04-27 22:40 UTC (permalink / raw)
  To: Maxim Mikityanskiy
  Cc: borisp, john.fastabend, daniel, kuba, davem, pabeni, tariqt,
	aviadye, netdev

Hello:

This patch was applied to netdev/net.git (master)
by Jakub Kicinski <kuba@kernel.org>:

On Tue, 26 Apr 2022 18:49:49 +0300 you wrote:
> Calling tls_append_frag when max_open_record_len == record->len might
> add an empty fragment to the TLS record if the call happens to be on the
> page boundary. Normally tls_append_frag coalesces the zero-sized
> fragment to the previous one, but not if it's on page boundary.
> 
> If a resync happens then, the mlx5 driver posts dump WQEs in
> tx_post_resync_dump, and the empty fragment may become a data segment
> with byte_count == 0, which will confuse the NIC and lead to a CQE
> error.
> 
> [...]

Here is the summary with links:
  - [net,v2] tls: Skip tls_append_frag on zero copy size
    https://git.kernel.org/netdev/net/c/a0df71948e95

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-04-27 22:40 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-26 15:49 [PATCH net v2] tls: Skip tls_append_frag on zero copy size Maxim Mikityanskiy
2022-04-26 18:24 ` Jakub Kicinski
2022-04-27 22:40 ` patchwork-bot+netdevbpf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).