mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-08 01:29:02 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/tls
History
Jakub Kicinski 581e37ad5c tls: prevent oversized sendfile() hangs by ignoring MSG_MORE 
[ Upstream commit d452d48b9f ]

We got multiple reports that multi_chunk_sendfile test
case from tls selftest fails. This was sort of expected,
as the original fix was never applied (see it in the first
Link:). The test in question uses sendfile() with count
larger than the size of the underlying file. This will
make splice set MSG_MORE on all sendpage calls, meaning
TLS will never close and flush the last partial record.

Eric seem to have addressed a similar problem in
commit 35f9c09fe9 ("tcp: tcp_sendpages() should call tcp_push() once")
by introducing MSG_SENDPAGE_NOTLAST. Unlike MSG_MORE
MSG_SENDPAGE_NOTLAST is not set on the last call
of a "pipefull" of data (PIPE_DEF_BUFFERS == 16,
so every 16 pages or whenever we run out of data).

Having a break every 16 pages should be fine, TLS
can pack exactly 4 pages into a record, so for
aligned reads there should be no difference,
unaligned may see one extra record per sendpage().

Sticking to TCP semantics seems preferable to modifying
splice, but we can revisit it if real life scenarios
show a regression.

Reported-by: Vadim Fedorenko <vfedorenko@novek.ru>
Reported-by: Seth Forshee <seth.forshee@canonical.com>
Link: https://lore.kernel.org/netdev/1591392508-14592-1-git-send-email-pooja.trivedi@stackpath.com/
Fixes: 3c4d755915 ("tls: kernel TLS support")
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Tested-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-07-14 16:56:24 +02:00
..
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Makefile net/tls: add skeleton of MIB statistics 2019-10-05 16:29:00 -07:00
tls_device.c net/tls: Fix use-after-free after the TLS device goes down and up 2021-06-10 13:39:18 +02:00
tls_device_fallback.c net/tls: Fix use-after-free after the TLS device goes down and up 2021-06-10 13:39:18 +02:00
tls_main.c net/tls: Fix use-after-free after the TLS device goes down and up 2021-06-10 13:39:18 +02:00
tls_proc.c net: fix proc_fs init handling in af_packet and tls 2021-02-23 15:53:23 +01:00
tls_sw.c tls: prevent oversized sendfile() hangs by ignoring MSG_MORE 2021-07-14 16:56:24 +02:00
tls_toe.c net/tls: rename tls_hw_* functions tls_toe_* 2019-10-04 14:07:07 -07:00
trace.c net/tls: add tracing for device/offload events 2019-10-05 16:29:00 -07:00
trace.h net/tls: add device decrypted trace point 2019-10-05 16:29:00 -07:00