
Merge branch 'net-tls-fix-encryption-error-path'
Vadim Fedorenko says:

====================
net/tls: fix encryption error path

The problem with data stream corruption was found in KTLS
transmit path with small socket send buffers and large
amount of data. bpf_exec_tx_verdict() frees the open record
on any type of error, including EAGAIN, ENOMEM and ENOSPC,
while callers are able to recover from these transient errors.
Also, a wrong error code was returned to user space in that
case. This patchset fixes the problems.
====================

Acked-by: Jakub Kicinski <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
davem330 committed May 22, 2020
2 parents 04ba6b7 + 635d939 commit a553461
Showing 1 changed file with 10 additions and 7 deletions.
17 changes: 10 additions & 7 deletions net/tls/tls_sw.c
Expand Up @@ -780,7 +780,7 @@ static int tls_push_record(struct sock *sk, int flags,

static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
bool full_record, u8 record_type,
size_t *copied, int flags)
ssize_t *copied, int flags)
{
struct tls_context *tls_ctx = tls_get_ctx(sk);
struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
Expand All @@ -796,9 +796,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
psock = sk_psock_get(sk);
if (!psock || !policy) {
err = tls_push_record(sk, flags, record_type);
if (err && err != -EINPROGRESS) {
if (err && sk->sk_err == EBADMSG) {
*copied -= sk_msg_free(sk, msg);
tls_free_open_rec(sk);
err = -sk->sk_err;
}
if (psock)
sk_psock_put(sk, psock);
Expand All @@ -824,9 +825,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
switch (psock->eval) {
case __SK_PASS:
err = tls_push_record(sk, flags, record_type);
if (err && err != -EINPROGRESS) {
if (err && sk->sk_err == EBADMSG) {
*copied -= sk_msg_free(sk, msg);
tls_free_open_rec(sk);
err = -sk->sk_err;
goto out_err;
}
break;
Expand Down Expand Up @@ -916,7 +918,8 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
unsigned char record_type = TLS_RECORD_TYPE_DATA;
bool is_kvec = iov_iter_is_kvec(&msg->msg_iter);
bool eor = !(msg->msg_flags & MSG_MORE);
size_t try_to_copy, copied = 0;
size_t try_to_copy;
ssize_t copied = 0;
struct sk_msg *msg_pl, *msg_en;
struct tls_rec *rec;
int required_size;
Expand Down Expand Up @@ -1118,7 +1121,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)

release_sock(sk);
mutex_unlock(&tls_ctx->tx_lock);
return copied ? copied : ret;
return copied > 0 ? copied : ret;
}

static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
Expand All @@ -1132,7 +1135,7 @@ static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
struct sk_msg *msg_pl;
struct tls_rec *rec;
int num_async = 0;
size_t copied = 0;
ssize_t copied = 0;
bool full_record;
int record_room;
int ret = 0;
Expand Down Expand Up @@ -1234,7 +1237,7 @@ static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
}
sendpage_end:
ret = sk_stream_error(sk, flags, ret);
return copied ? copied : ret;
return copied > 0 ? copied : ret;
}

int tls_sw_sendpage_locked(struct sock *sk, struct page *page,
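Review bot: Inside the new `if (err && sk->sk_err == EBADMSG)` branches of bpf_exec_tx_verdict (the hunks at -796 and -824), `err = -sk->sk_err;` re-reads sk_err after the condition has already pinned it to EBADMSG, and since sk_err is presumably also written by the asynchronous encryption completion path outside the socket lock (tls_err_abort is not visible in this diff), the second read is not guaranteed to return the value that was tested. Writing `err = -EBADMSG;` in both branches ties the returned error to the condition that triggered the record free and avoids the second unlocked read. The reason only EBADMSG discards the record is stated in the merge description but not next to the code; a comment such as `/* Only a fatal encryption error discards the open record; transient errors (EAGAIN, ENOMEM, ENOSPC) leave it for the caller to retry. */` above each check would carry that rationale into the file. bpf_exec_tx_verdict begins before the first hunk and continues past both.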
