From: Sabrina Dubroca <sd@queasysnail.net>
To: Jakub Kicinski <kuba@kernel.org>
Cc: davem@davemloft.net, netdev@vger.kernel.org, edumazet@google.com,
	pabeni@redhat.com, andrew+netdev@lunn.ch, horms@kernel.org,
	borisp@nvidia.com, john.fastabend@gmail.com,
	syzbot+b4cd76826045a1eb93c1@syzkaller.appspotmail.com
Subject: Re: [PATCH net 1/2] net: tls: explicitly disallow disconnect
Date: Mon, 7 Apr 2025 15:02:58 +0200
Message-ID: <Z_PNAl-kLE4ExJ8Q@krikkit>
In-Reply-To: <20250404180334.3224206-1-kuba@kernel.org>

2025-04-04, 11:03:33 -0700, Jakub Kicinski wrote:
> syzbot discovered that it can disconnect a TLS socket and then
> run into all sorts of unexpected corner cases. I have a vague
> recollection of Eric pointing this out to us a long time ago.
> Supporting disconnect is really hard, for one thing if offload
> is enabled we'd need to wait for all packets to be _acked_.
> Disconnect is not commonly used, disallow it.
> 
> The immediate problem syzbot ran into is the warning in the strp,
> but that's just the easiest bug to trigger:
> 
>   WARNING: CPU: 0 PID: 5834 at net/tls/tls_strp.c:486 tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486
>   RIP: 0010:tls_strp_msg_load+0x72e/0xa80 net/tls/tls_strp.c:486
>   Call Trace:
>    <TASK>
>    tls_rx_rec_wait+0x280/0xa60 net/tls/tls_sw.c:1363
>    tls_sw_recvmsg+0x85c/0x1c30 net/tls/tls_sw.c:2043
>    inet6_recvmsg+0x2c9/0x730 net/ipv6/af_inet6.c:678
>    sock_recvmsg_nosec net/socket.c:1023 [inline]
>    sock_recvmsg+0x109/0x280 net/socket.c:1045
>    __sys_recvfrom+0x202/0x380 net/socket.c:2237
> 
> Fixes: 3c4d7559159b ("tls: kernel TLS support")
> Reported-by: syzbot+b4cd76826045a1eb93c1@syzkaller.appspotmail.com
> Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>

(hopefully nobody complains about this. but since it was broken
anyway...)

-- 
Sabrina

Thread overview: 9+ messages
2025-04-04 18:03 [PATCH net 1/2] net: tls: explicitly disallow disconnect Jakub Kicinski
2025-04-04 18:03 ` [PATCH net 2/2] selftests: tls: check that disconnect does nothing Jakub Kicinski
2025-04-07 13:07   ` Sabrina Dubroca
2025-04-04 18:12 ` [PATCH net 1/2] net: tls: explicitly disallow disconnect Eric Dumazet
2025-04-07 13:02 ` Sabrina Dubroca [this message]
2025-04-08  9:50 ` patchwork-bot+netdevbpf
2025-04-15  3:16 ` Ihor Solodrai
2025-04-15  8:24   ` Paolo Abeni
2025-04-15 10:43   ` Jiayuan Chen
