| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <165030068031.5246.6914334811243049065.stgit@oracle-102.nfsv4.dev>
Date: Mon, 18 Apr 2022 12:51:20 -0400
From: Chuck Lever <chuck.lever@...cle.com>
To: netdev@...r.kernel.org, linux-nfs@...r.kernel.org,
linux-nvme@...ts.infradead.org, linux-cifs@...r.kernel.org,
linux-fsdevel@...r.kernel.org
Cc: ak@...pesta-tech.com, borisp@...dia.com, simo@...hat.com
Subject: [PATCH RFC 02/15] SUNRPC: Ignore data_ready callbacks during TLS
handshakes
The RPC header parser doesn't recognize TLS handshake traffic, so it
will close the connection prematurely. To avoid that, shunt the
transport's data_ready callback when there is a TLS handshake in
progress.
The ignore_dr boolean will be toggled by code added in a subsequent
patch.
Signed-off-by: Chuck Lever <chuck.lever@...cle.com>
---
include/linux/sunrpc/xprtsock.h | 1 +
net/sunrpc/xprtsock.c | 7 +++++++
2 files changed, 8 insertions(+)
diff --git a/include/linux/sunrpc/xprtsock.h b/include/linux/sunrpc/xprtsock.h
index 38284f25eddf..426c3bd516fe 100644
--- a/include/linux/sunrpc/xprtsock.h
+++ b/include/linux/sunrpc/xprtsock.h
@@ -40,6 +40,7 @@ struct sock_xprt {
len;
unsigned long copied;
+ bool ignore_dr;
} recv;
/*
diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
index e62d339ba589..b5bc03c52b9b 100644
--- a/net/sunrpc/xprtsock.c
+++ b/net/sunrpc/xprtsock.c
@@ -703,6 +703,8 @@ static void xs_poll_check_readable(struct sock_xprt *transport)
{
clear_bit(XPRT_SOCK_DATA_READY, &transport->sock_state);
+ if (transport->recv.ignore_dr)
+ return;
if (!xs_poll_socket_readable(transport))
return;
if (!test_and_set_bit(XPRT_SOCK_DATA_READY, &transport->sock_state))
@@ -1394,6 +1396,10 @@ static void xs_data_ready(struct sock *sk)
trace_xs_data_ready(xprt);
transport->old_data_ready(sk);
+
+ if (transport->recv.ignore_dr)
+ return;
+
/* Any data means we had a useful conversation, so
* then we don't need to delay the next reconnect
*/
@@ -2779,6 +2785,7 @@ static struct rpc_xprt *xs_setup_xprt(struct xprt_create *args,
}
new = container_of(xprt, struct sock_xprt, xprt);
+ new->recv.ignore_dr = false;
mutex_init(&new->recv_mutex);
memcpy(&xprt->addr, args->dstaddr, args->addrlen);
xprt->addrlen = args->addrlen;
Powered by blists - more mailing lists