From: Krishnamraju Eraparaju <krishna2@chelsio.com>
To: Doug Ledford <dledford@redhat.com>
Cc: jgg@ziepe.ca, bmt@zurich.ibm.com, linux-rdma@vger.kernel.org,
	bharat@chelsio.com, nirranjan@chelsio.com
Subject: Re: [PATCH for-rc] siw: MPA Reply handler tries to read beyond MPA message
Date: Thu, 1 Aug 2019 17:04:23 +0530
Message-ID: <20190801113421.GA3145@chelsio.com>
In-Reply-To: <b5c1a7d76e4aaf89063c56f1437fa803e3d7ea45.camel@redhat.com>

On Wednesday, July 07/31/19, 2019 at 15:17:40 -0400, Doug Ledford wrote:
> On Wed, 2019-07-31 at 16:03 +0530, Krishnamraju Eraparaju wrote:
> > While processing the MPA Reply, the SIW driver is trying to read 4 bytes
> > more than what the peer has advertised as private data length.
> > 
> > If FPDU data is received even before siw_recv_mpa_rr() has completed
> > reading the MPA reply, then ksock_recv() in siw_recv_mpa_rr() could also
> > read the FPDU, if "size" is larger than the advertised MPA reply length.
> > 
> >  static int siw_recv_mpa_rr(struct siw_cep *cep)
> >  {
> >           .............
> >
> >          if (rcvd > to_rcv)
> >                  return -EPROTO;   <----- Failure here
> > 
> > Looks like the intention here is to throw an ERROR if the received data
> > is more than the total private data length advertised by the peer. But
> > reading beyond the MPA message causes siw_cm to generate an
> > RDMA_CM_EVENT_CONNECT_ERROR event when the TCP socket recv buffer is
> > already queued with FPDU messages.
> > 
> > Hence, this function should only read up to the private data length.
> > 
> > Signed-off-by: Krishnamraju Eraparaju <krishna2@chelsio.com>
> 
> Once you apply this patch, the if (rcvd > to_rcv) test you listed above
> in the commit message becomes dead code.  So I removed it while applying
> the patch.  Thanks.
> 

Thanks Doug.

> -- 
> Doug Ledford <dledford@redhat.com>
>     GPG KeyID: B826A3330E572FDD
>     Fingerprint = AE6B 1BDA 122B 23B4 265B  1274 B826 A333 0E57 2FDD
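
The over-read described in the commit message can be reproduced with a small user-space model; this is an added example, not code from the thread or from the siw driver. The names `stream`, `stream_recv`, `recv_mpa_reply` and `demo` are hypothetical, the sample bytes are constructed, and the 20-byte header layout (16-byte key, flags, revision, big-endian PD_Length) follows RFC 5044.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

#define MPA_HDR_LEN 20  /* RFC 5044: 16-byte key, flags, revision, 16-bit PD_Length */
#define MAX_PD 512      /* RFC 5044 limit on private data */

/* Constructed stand-in for a socket receive queue (not a kernel API). */
struct stream { const uint8_t *buf; size_t len, pos; };

/* Hand out at most `want` queued bytes, as a non-blocking receive would. */
static size_t stream_recv(struct stream *s, uint8_t *dst, size_t want)
{
    size_t n = s->len - s->pos < want ? s->len - s->pos : want;
    memcpy(dst, s->buf + s->pos, n);
    s->pos += n;
    return n;
}

/* Read one MPA reply. With `overread` set, ask for 4 bytes beyond the advertised
 * private data length (the behaviour the patch removes).
 * Returns the private data length, -EAGAIN if incomplete, -EPROTO on error. */
static int recv_mpa_reply(struct stream *s, int overread)
{
    uint8_t hdr[MPA_HDR_LEN], pdata[MAX_PD + 4];
    if (stream_recv(s, hdr, sizeof(hdr)) != sizeof(hdr))
        return -EAGAIN;
    size_t to_rcv = ((size_t)hdr[18] << 8) | hdr[19];  /* PD_Length, big-endian */
    if (to_rcv > MAX_PD)
        return -EPROTO;
    size_t rcvd = stream_recv(s, pdata, to_rcv + (overread ? 4 : 0));
    if (rcvd > to_rcv)
        return -EPROTO;  /* the check quoted in the commit message */
    return rcvd < to_rcv ? -EAGAIN : (int)to_rcv;
}

/* Queue a constructed reply (8 bytes private data) followed by `fpdu_len` (<= 64)
 * FPDU bytes, receive the reply, and report how many FPDU bytes are still queued. */
int demo(int overread, size_t fpdu_len, size_t *left)
{
    uint8_t wire[MPA_HDR_LEN + 8 + 64] = "MPA ID Rep Frame";
    fpdu_len = fpdu_len > 64 ? 64 : fpdu_len;
    wire[17] = 1; wire[19] = 8;  /* revision 1, PD_Length = 8 */
    memset(wire + 20, 0xAA, 8);          /* constructed private data */
    memset(wire + 28, 0xFD, fpdu_len);   /* constructed FPDU bytes */
    struct stream s = { wire, 28 + fpdu_len, 0 };
    int ret = recv_mpa_reply(&s, overread);
    *left = s.len - s.pos;
    return ret;
}
int main(void) { size_t left; return demo(0, 12, &left) == 8 ? 0 : 1; }
```

With 12 FPDU bytes already queued, the over-reading call fails with -EPROTO and has consumed 4 of them; with nothing queued behind the reply the same call succeeds, which is why the failure depends on timing.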


Thread overview: 18+ messages
2019-07-31 10:33 [PATCH for-rc] siw: MPA Reply handler tries to read beyond MPA message Krishnamraju Eraparaju
2019-07-31 19:17 ` Doug Ledford
2019-08-01 11:34   ` Krishnamraju Eraparaju [this message]
2019-08-01 10:56 ` Bernard Metzler
2019-08-01 15:36   ` Doug Ledford
2019-08-01 18:53   ` Tom Talpey
2019-08-02 11:18     ` Bernard Metzler
2019-08-02 12:47       ` Tom Talpey
     [not found]         ` <20190805172605.GA5549@chelsio.com>
2019-08-08 15:05           ` Bernard Metzler
2019-08-08 16:46             ` Krishnamraju Eraparaju
2019-08-09 10:29               ` Bernard Metzler
2019-08-09 12:27                 ` Tom Talpey
2019-08-09 13:52                   ` Bernard Metzler
2019-08-09 20:35                     ` Tom Talpey
2019-08-12  9:58                       ` Krishnamraju Eraparaju
2019-08-12 12:56                         ` Bernard Metzler
2019-08-13  8:05                           ` Krishnamraju Eraparaju
2019-08-09 12:32               ` Tom Talpey
