Message-ID: <165030068031.5246.6914334811243049065.stgit@oracle-102.nfsv4.dev> Date: Mon, 18 Apr 2022 12:51:20 -0400 From: Chuck Lever <chuck.lever@...cle.com> To: netdev@...r.kernel.org, linux-nfs@...r.kernel.org, linux-nvme@...ts.infradead.org, linux-cifs@...r.kernel.org, linux-fsdevel@...r.kernel.org Cc: ak@...pesta-tech.com, borisp@...dia.com, simo@...hat.com Subject: [PATCH RFC 02/15] SUNRPC: Ignore data_ready callbacks during TLS handshakes The RPC header parser doesn't recognize TLS handshake traffic, so it will close the connection prematurely. To avoid that, shunt the transport's data_ready callback when there is a TLS handshake in progress. The ignore_dr boolean will be toggled by code added in a subsequent patch. Signed-off-by: Chuck Lever <chuck.lever@...cle.com> --- include/linux/sunrpc/xprtsock.h | 1 + net/sunrpc/xprtsock.c | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/include/linux/sunrpc/xprtsock.h b/include/linux/sunrpc/xprtsock.h index 38284f25eddf..426c3bd516fe 100644 --- a/include/linux/sunrpc/xprtsock.h +++ b/include/linux/sunrpc/xprtsock.h @@ -40,6 +40,7 @@ struct sock_xprt { len; unsigned long copied; + bool ignore_dr; } recv; /* diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c index e62d339ba589..b5bc03c52b9b 100644 --- a/net/sunrpc/xprtsock.c +++ b/net/sunrpc/xprtsock.c @@ -703,6 +703,8 @@ static void xs_poll_check_readable(struct sock_xprt *transport) { clear_bit(XPRT_SOCK_DATA_READY, &transport->sock_state); + if (transport->recv.ignore_dr) + return; if (!xs_poll_socket_readable(transport)) return; if (!test_and_set_bit(XPRT_SOCK_DATA_READY, &transport->sock_state)) @@ -1394,6 +1396,10 @@ static void xs_data_ready(struct sock *sk) trace_xs_data_ready(xprt); transport->old_data_ready(sk); + + if (transport->recv.ignore_dr) + return; + /* Any data means we had a useful conversation, so * then we don't need to delay the next reconnect */ 
@@ -2779,6 +2785,7 @@ static struct rpc_xprt *xs_setup_xprt(struct xprt_create *args, } new = container_of(xprt, struct sock_xprt, xprt); + new->recv.ignore_dr = false; mutex_init(&new->recv_mutex); memcpy(&xprt->addr, args->dstaddr, args->addrlen); xprt->addrlen = args->addrlen;
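Review bot: The new `bool ignore_dr;` in the `recv` sub-struct of `struct sock_xprt` (include/linux/sunrpc/xprtsock.h hunk) carries no comment saying what it means or who may write it. The commit message says the code that toggles it arrives in a later patch, so a one-line comment at the field stating that it is set for the duration of a TLS handshake, and what serializes the write against the readers in xs_data_ready() and xs_poll_check_readable(), would let this patch be reviewed on its own.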
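Review bot: In the xs_poll_check_readable() hunk the early return on `transport->recv.ignore_dr` sits after `clear_bit(XPRT_SOCK_DATA_READY, &transport->sock_state)`, so while the flag is set the bit is cleared and the readable check is skipped. Nothing in this patch re-runs that check when the flag goes back to false. The later patch that clears the flag needs to kick the receive path again so that data queued on the socket at the end of the handshake is not left waiting, and a comment here recording that requirement would help.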
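Review bot: In the xs_data_ready() hunk the flag is tested with a plain load, `if (transport->recv.ignore_dr)`, inside a socket callback while the writer lives in other code. Consider READ_ONCE() here paired with WRITE_ONCE() at the writer, or a bit in `transport->sock_state` next to XPRT_SOCK_DATA_READY so the existing atomic bit helpers cover it. The return also skips the block under "Any data means we had a useful conversation", which looks intended during a handshake but deserves a short comment saying so.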