From: Sabrina Dubroca <sd@queasysnail.net>
To: Jakub Kicinski <kuba@kernel.org>
Cc: syzbot <syzbot+cca46a9d1276f38af2ae@syzkaller.appspotmail.com>,
davem@davemloft.net, edumazet@google.com, horms@kernel.org,
john.fastabend@gmail.com, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, pabeni@redhat.com,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [net?] WARNING in tls_err_abort
Date: Wed, 17 Jun 2026 12:00:31 +0200 [thread overview]
Message-ID: <ajJwP14SWmdwwFYg@krikkit> (raw)
In-Reply-To: <ajHENGWdBcbQUpWS@krikkit>
2026-06-16, 23:46:28 +0200, Sabrina Dubroca wrote:
> 2026-06-16, 14:23:59 -0700, Jakub Kicinski wrote:
> > On Tue, 16 Jun 2026 23:00:54 +0200 Sabrina Dubroca wrote:
> > > 2026-06-16, 08:28:16 -0700, Jakub Kicinski wrote:
> > > > On Tue, 16 Jun 2026 17:19:22 +0200 Sabrina Dubroca wrote:
> > > > Don't we depend on it being set
> > > > to avoid further state transitions once we hit a crypto error?
> > >
> > > I kind of thought so too.
> >
> > In which case the question is whether we should try to remove
> > the sock_error() instead? (stating the obvious I guess)
>
> That would make sense, but we can't prevent sock_error() being called
> from some helper.
Actually, getsockopt(SO_ERROR) will also clear sk_err. If we want to
prevent further state transitions, we'll have to use something else
(probably a flag in tls_context set by tls_err_abort()).
So I'd go with 2 separate patches. The 2nd one will be a change in
userspace-visible behavior, but hopefully not one they'd be upset
about.
--
Sabrina
prev parent reply other threads:[~2026-06-17 10:00 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-16 14:27 [syzbot] [net?] WARNING in tls_err_abort syzbot
2026-06-16 15:19 ` Sabrina Dubroca
2026-06-16 15:28 ` Jakub Kicinski
2026-06-16 21:00 ` Sabrina Dubroca
2026-06-16 21:23 ` Jakub Kicinski
2026-06-16 21:46 ` Sabrina Dubroca
2026-06-17 10:00 ` Sabrina Dubroca [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ajJwP14SWmdwwFYg@krikkit \
--to=sd@queasysnail.net \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=syzbot+cca46a9d1276f38af2ae@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.