[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240110220124.452746-1-john.fastabend@gmail.com>
Date: Wed, 10 Jan 2024 14:01:22 -0800
From: John Fastabend <john.fastabend@...il.com>
To: netdev@...r.kernel.org,
eadavis@...com,
kuba@...nel.org
Cc: john.fastabend@...il.com,
bpf@...r.kernel.org,
borisp@...dia.com
Subject: [PATCH net 0/2] tls fixes for SPLICE with more hint
Syzbot found a splat where it tried to splice data over a tls socket
with the more hint and sending greater than the number of frags that
fit in a msg scatterlist. This resulted in an error where we do not
correctly send the data when the msg sg is full. The more flag being
just a hint not a strict contract. This then results in the syzbot
warning on the next send.
Edward generated an initial patch for this which checked for a full
msg on entry to the sendmsg hook. This fixed the WARNING, but didn't
fully resolve the issue because the full msg_pl scatterlist was never
sent resulting in a stuck socket. In this series instead avoid the
situation by forcing the send on the splice that fills the scatterlist.
Also in original thread I mentioned it didn't seem to be enough to
simply fix the send on full sg problem. That was incorrect and was
really a bug in my test program that was hanging the test program.
I had setup a repair socket and wasn't handling it correctly so my
tester got stuck.
Thanks. Please review. Fix in patch 1 and test in patch 2.
John Fastabend (2):
net: tls, fix WARNIING in __sk_msg_free
net: tls, add test to capture error on large splice
net/tls/tls_sw.c | 6 +++++-
tools/testing/selftests/net/tls.c | 14 ++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)
--
2.33.0
Powered by blists - more mailing lists