From: Sabrina Dubroca <sd@queasysnail.net>
To: netdev@vger.kernel.org
Cc: Sabrina Dubroca <sd@queasysnail.net>,
Gaurav Jain <gaurav.jain@nxp.com>,
Simon Horman <horms@kernel.org>,
Boris Pismenny <borisp@nvidia.com>,
John Fastabend <john.fastabend@gmail.com>,
Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Paolo Abeni <pabeni@redhat.com>
Subject: [PATCH net 2/4] tls: adjust recv return with async crypto and failed copy to userspace
Date: Mon, 25 Mar 2024 16:56:46 +0100 [thread overview]
Message-ID: <1b5a1eaab3c088a9dd5d9f1059ceecd7afe888d1.1711120964.git.sd@queasysnail.net> (raw)
In-Reply-To: <cover.1711120964.git.sd@queasysnail.net>
process_rx_list may not copy as many bytes as we want to the userspace
buffer, for example in case we hit an EFAULT during the copy. If this
happens, we should only count the bytes that were actually copied,
which may be 0.
Subtracting async_copy_bytes is correct in both peek and !peek cases,
because decrypted == async_copy_bytes + peeked for the peek case: peek
is always !ZC, and we can go through either the sync or async path. In
the async case, we add chunk to both decrypted and
async_copy_bytes. In the sync case, we add chunk to both decrypted and
peeked. I missed that in commit 6caaf104423d ("tls: fix peeking with
sync+async decryption").
Fixes: 4d42cd6bc2ac ("tls: rx: fix return value for async crypto")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
I'll send a patch removing the peeked variable and simplifying the
process_rx_list call for net-next after this series lands there
net/tls/tls_sw.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 3cdc6bc9fba6..14faf6189eb1 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -2158,6 +2158,9 @@ int tls_sw_recvmsg(struct sock *sk,
else
err = process_rx_list(ctx, msg, &control, 0,
async_copy_bytes, is_peek, NULL);
+
+ /* we could have copied less than we wanted, and possibly nothing */
+ decrypted += max(err, 0) - async_copy_bytes;
}
copied += decrypted;
--
2.43.0
next prev parent reply other threads:[~2024-03-25 15:56 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-25 15:56 [PATCH net 0/4] tls: recvmsg fixes Sabrina Dubroca
2024-03-25 15:56 ` [PATCH net 1/4] tls: recv: process_rx_list shouldn't use an offset with kvec Sabrina Dubroca
2024-03-26 11:58 ` Simon Horman
2024-03-25 15:56 ` Sabrina Dubroca [this message]
2024-03-26 11:59 ` [PATCH net 2/4] tls: adjust recv return with async crypto and failed copy to userspace Simon Horman
2024-03-25 15:56 ` [PATCH net 3/4] selftests: tls: add test with a partially invalid iov Sabrina Dubroca
2024-03-26 11:59 ` Simon Horman
2024-03-25 15:56 ` [PATCH net 4/4] tls: get psock ref after taking rxlock to avoid leak Sabrina Dubroca
2024-03-26 11:59 ` Simon Horman
2024-03-27 4:09 ` [PATCH net 0/4] tls: recvmsg fixes patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1b5a1eaab3c088a9dd5d9f1059ceecd7afe888d1.1711120964.git.sd@queasysnail.net \
--to=sd@queasysnail.net \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gaurav.jain@nxp.com \
--cc=horms@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.