lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240812162329.7224eb26@kernel.org>
Date: Mon, 12 Aug 2024 16:23:29 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Sagi Grimberg <sagi@...mberg.me>
Cc: Christoph Hellwig <hch@....de>, Tariq Toukan <ttoukan.linux@...il.com>,
 Anna Schumaker <Anna.Schumaker@...app.com>, Trond Myklebust
 <trondmy@...nel.org>, linux-nfs@...r.kernel.org, Boris Pismenny
 <borisp@...dia.com>, John Fastabend <john.fastabend@...il.com>, Maxim
 Mikityanskiy <maxtram95@...il.com>, Saeed Mahameed <saeedm@...dia.com>, Gal
 Pressman <gal@...dia.com>, Networking <netdev@...r.kernel.org>, Paolo Abeni
 <pabeni@...hat.com>, Eric Dumazet <edumazet@...gle.com>, "David S. Miller"
 <davem@...emloft.net>, Linux Kernel Mailing List
 <linux-kernel@...r.kernel.org>, Leon Romanovsky <leon@...nel.org>, Tariq
 Toukan <tariqt@...dia.com>
Subject: Re: [Bug report] NFS patch breaks TLS device-offloaded TX zerocopy

On Mon, 12 Aug 2024 12:13:51 +0300 Sagi Grimberg wrote:
> On 12/08/2024 12:02, Christoph Hellwig wrote:
> > On Tue, Aug 06, 2024 at 01:07:47PM +0300, Tariq Toukan wrote:  
> >> Adding Maxim Mikityanskiy, he might have some insights.  
> > I think the important part to find out is if the in-kernel TLS API
> > has a limitation to PAGE_SIZE buffer segments, or not.  
> 
> I don't see why it should. Also note that sw tls does not suffer from
> this. Maybe Jakub can add more light here in case something was missed?

I don't recall anything special. For SW crypto the splice is kinda moot,
because we encrypt and use the ciphertext so the plaintext pages are
likely to be freed before sendmsg() returns. For offload we wait until
the data is acked (not just sent) so any potential race window is
significantly longer. There's also the use of pfrag in the offload path.
Dunno..

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ