lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 07 Aug 2020 14:27:48 +0200 From: Rouven Czerwinski <r.czerwinski@...gutronix.de> To: Jakub Kicinski <kuba@...nel.org>, Pooja Trivedi <poojatrivedi@...il.com> Cc: Aviad Yehezkel <aviadye@...lanox.com>, Boris Pismenny <borisp@...lanox.com>, Daniel Borkmann <daniel@...earbox.net>, netdev@...r.kernel.org, John Fastabend <john.fastabend@...il.com>, linux-kernel@...r.kernel.org, kernel@...gutronix.de, "David S. Miller" <davem@...emloft.net> Subject: Re: [PATCH v2 net-next] net/tls: allow MSG_CMSG_COMPAT in sendmsg On Fri, 2020-08-07 at 10:26 +0200, Rouven Czerwinski wrote: > On Thu, 2020-08-06 at 11:46 -0700, Jakub Kicinski wrote: > > On Thu, 6 Aug 2020 08:49:06 +0200 Rouven Czerwinski wrote: > > > Trying to use ktls on a system with 32-bit userspace and 64-bit > > > kernel > > > results in a EOPNOTSUPP message during sendmsg: > > > > > > setsockopt(3, SOL_TLS, TLS_TX, …, 40) = 0 > > > sendmsg(3, …, msg_flags=0}, 0) = -1 EOPNOTSUPP (Operation not > > > supported) > > > > > > The tls_sw implementation does strict flag checking and does not > > > allow > > > the MSG_CMSG_COMPAT flag, which is set if the message comes in > > > through > > > the compat syscall. > > > > > > This patch adds MSG_CMSG_COMPAT to the flag check to allow the > > > usage of > > > the TLS SW implementation on systems using the compat syscall > > > path. > > > > > > Note that the same check is present in the sendmsg path for the > > > TLS > > > device implementation, however the flag hasn't been added there > > > for > > > lack > > > of testing hardware. > > > > > > Signed-off-by: Rouven Czerwinski <r.czerwinski@...gutronix.de> > > > > I don't know much about the compat stuff, I trust our cmsg handling > > is > > fine? > > > > Just to be sure - did you run tools/testing/selftests/net/tls ? > > After some pains to get this to correctly compile I have two failing > tests, both for multi_chunk_sendfile: > > root@192:~ /usr/lib/kselftest/net/tls > [==========] Running 93 tests from 4 test cases. > … > [ RUN ] tls.12.multi_chunk_sendfile > multi_chunk_sendfile: Test terminated by timeout > [ FAIL ] tls.12.multi_chunk_sendfile > … > [ RUN ] tls.13.multi_chunk_sendfile > multi_chunk_sendfile: Test terminated by timeout > [ FAIL ] tls.13.multi_chunk_sendfile > … > [==========] 91 / 93 tests passed. > [ FAILED ] I just tested on my x86_64 workstation and these specific tests fail there too, do they only work on 5.8? They were added in 5.8, but I am running 5.7.11 here. It looks like these failures are not MSG_CMSG_COMPAT related. Pooja Trivedi do you have an idea? Regards, Rouven
Powered by blists - more mailing lists