[net,2/2] tls: fix waitall behavior in tls_sw_recvmsg

Message ID	20180615010746.3099-3-daniel@iogearbox.net
State	Accepted, archived
Delegated to:	David Miller
Headers	show Return-Path: <netdev-owner@vger.kernel.org> From: Daniel Borkmann <daniel@iogearbox.net> To: davem@davemloft.net Cc: davejwatson@fb.com, netdev@vger.kernel.org, Daniel Borkmann <daniel@iogearbox.net> Subject: [PATCH net 2/2] tls: fix waitall behavior in tls_sw_recvmsg Date: Fri, 15 Jun 2018 03:07:46 +0200 Message-Id: <20180615010746.3099-3-daniel@iogearbox.net> In-Reply-To: <20180615010746.3099-1-daniel@iogearbox.net> References: <20180615010746.3099-1-daniel@iogearbox.net> Sender: netdev-owner@vger.kernel.org Precedence: bulk
Series	Two tls fixes \| expand [net,0/2] Two tls fixes [net,1/2] tls: fix use-after-free in tls_push_record [net,2/2] tls: fix waitall behavior in tls_sw_recvmsg

Message ID

20180615010746.3099-3-daniel@iogearbox.net

State

Accepted, archived

Delegated to:

David Miller

Headers

From: Daniel Borkmann <daniel@iogearbox.net>
To: davem@davemloft.net
Cc: davejwatson@fb.com, netdev@vger.kernel.org,
	Daniel Borkmann <daniel@iogearbox.net>
Subject: [PATCH net 2/2] tls: fix waitall behavior in tls_sw_recvmsg
Date: Fri, 15 Jun 2018 03:07:46 +0200
Message-Id: <20180615010746.3099-3-daniel@iogearbox.net>
In-Reply-To: <20180615010746.3099-1-daniel@iogearbox.net>
References: <20180615010746.3099-1-daniel@iogearbox.net>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Series

Two tls fixes | expand

Commit Message

Daniel Borkmann June 15, 2018, 1:07 a.m. UTC

Current behavior in tls_sw_recvmsg() is to wait for incoming tls
messages and copy up to exactly len bytes of data that the user
provided. This is problematic in the sense that i) if no packet
is currently queued in strparser we keep waiting until one has been
processed and pushed into tls receive layer for tls_wait_data() to
wake up and push the decrypted bits to user space. Given after
tls decryption, we're back at streaming data, use sock_rcvlowat()
hint from tcp socket instead. Retain current behavior with MSG_WAITALL
flag and otherwise use the hint target for breaking the loop and
returning to application. This is done if currently no ctx->recv_pkt
is ready, otherwise continue to process it from our strparser
backlog.

Fixes: c46234ebb4d1 ("tls: RX path for ktls")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Dave Watson <davejwatson@fb.com>
---
 net/tls/tls_sw.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 2945a3b..f127fac 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -754,7 +754,7 @@  int tls_sw_recvmsg(struct sock *sk,
 	struct sk_buff *skb;
 	ssize_t copied = 0;
 	bool cmsg = false;
-	int err = 0;
+	int target, err = 0;
 	long timeo;
 
 	flags |= nonblock;
@@ -764,6 +764,7 @@  int tls_sw_recvmsg(struct sock *sk,
 
 	lock_sock(sk);
 
+	target = sock_rcvlowat(sk, flags & MSG_WAITALL, len);
 	timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
 	do {
 		bool zc = false;
@@ -856,6 +857,9 @@  int tls_sw_recvmsg(struct sock *sk,
 					goto recv_end;
 			}
 		}
+		/* If we have a new message from strparser, continue now. */
+		if (copied >= target && !ctx->recv_pkt)
+			break;
 	} while (len);
 
 recv_end:

[net,2/2] tls: fix waitall behavior in tls_sw_recvmsg

Commit Message

Patch