| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <be4dfc12-5593-e93a-3f78-638ee8ea9ad8@samba.org>
Date: Wed, 1 Feb 2023 15:05:06 +0100
From: Stefan Metzmacher <metze@...ba.org>
To: David Howells <dhowells@...hat.com>,
Steve French <smfrench@...il.com>
Cc: Al Viro <viro@...iv.linux.org.uk>,
Shyam Prasad N <nspmangalore@...il.com>,
Rohith Surabattula <rohiths.msft@...il.com>,
Tom Talpey <tom@...pey.com>,
Christoph Hellwig <hch@...radead.org>,
Matthew Wilcox <willy@...radead.org>,
Jeff Layton <jlayton@...nel.org>, linux-cifs@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
Long Li <longli@...rosoft.com>,
Namjae Jeon <linkinjeon@...nel.org>
Subject: Re: [PATCH 11/12] cifs: Fix problem with encrypted RDMA data read
Am 31.01.23 um 19:28 schrieb David Howells:
> When the cifs client is talking to the ksmbd server by RDMA and the ksmbd
> server has "smb3 encryption = yes" in its config file, the normal PDU
> stream is encrypted, but the directly-delivered data isn't in the stream
> (and isn't encrypted), but is rather delivered by DDP/RDMA packets (at
> least with IWarp).
>
> Currently, the direct delivery fails with:
>
> buf can not contain only a part of read data
> WARNING: CPU: 0 PID: 4619 at fs/cifs/smb2ops.c:4731 handle_read_data+0x393/0x405
> ...
> RIP: 0010:handle_read_data+0x393/0x405
> ...
> smb3_handle_read_data+0x30/0x37
> receive_encrypted_standard+0x141/0x224
> cifs_demultiplex_thread+0x21a/0x63b
> kthread+0xe7/0xef
> ret_from_fork+0x22/0x30
>
> The problem apparently stemming from the fact that it's trying to manage
> the decryption, but the data isn't in the smallbuf, the bigbuf or the page
> array).
>
> This can be fixed simply by inserting an extra case into handle_read_data()
> that checks to see if use_rdma_mr is true, and if it is, just setting
> rdata->got_bytes to the length of data delivered and allowing normal
> continuation.
>
> This can be seen in an IWarp packet trace. With the upstream code, it does
> a DDP/RDMA packet, which produces the warning above and then retries,
> retrieving the data inline, spread across several SMBDirect messages that
> get glued together into a single PDU. With the patch applied, only the
> DDP/RDMA packet is seen.
>
> Note that this doesn't happen if the server isn't told to encrypt stuff and
> it does also happen with softRoCE.
>
> Signed-off-by: David Howells <dhowells@...hat.com>
> cc: Steve French <smfrench@...il.com>
> cc: Tom Talpey <tom@...pey.com>
> cc: Long Li <longli@...rosoft.com>
> cc: Namjae Jeon <linkinjeon@...nel.org>
> cc: Stefan Metzmacher <metze@...ba.org>
> cc: linux-cifs@...r.kernel.org
>
> Link: https://lore.kernel.org/r/166855224228.1998592.2212551359609792175.stgit@warthog.procyon.org.uk/ # v1
> ---
> fs/cifs/smb2ops.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
> index cea578a45ed8..73b66ac86abf 100644
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -4733,6 +4733,9 @@ handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid,
> if (length < 0)
> return length;
> rdata->got_bytes = data_len;
> + } else if (use_rdma_mr) {
> + /* The data was delivered directly by RDMA. */
> + rdata->got_bytes = data_len;
I actually don't understand why this would only be a problem with encryption.
I guess there's much more needed and data_offset should most likely be
ignored completely in the rdma offload case. So I'd guess its just luck
that we don't trigger the below warning/error more often.
> } else {
> /* read response payload cannot be in both buf and pages */
> WARN_ONCE(1, "buf can not contain only a part of read data");
>
Powered by blists - more mailing lists