From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09753C0015E for ; Fri, 4 Aug 2023 03:12:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 86F612802C0; Thu, 3 Aug 2023 23:12:17 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8465A2802BC; Thu, 3 Aug 2023 23:12:17 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 736B32802C0; Thu, 3 Aug 2023 23:12:17 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 656572802BC for ; Thu, 3 Aug 2023 23:12:17 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 2DBB080276 for ; Fri, 4 Aug 2023 03:12:17 +0000 (UTC) X-FDA: 81084948714.13.5A3E5ED Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf27.hostedemail.com (Postfix) with ESMTP id 8FD0840008 for ; Fri, 4 Aug 2023 03:12:15 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=R0WGwn2s; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf27.hostedemail.com: domain of kuba@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=kuba@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1691118735; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=JRNDrr8Q5XicQAEnr/UMUDvJf9uks/FyRXeJTq4Lonc=; b=dxkF9VaMQx6Sb0HgnqEITbZG5p5CBH9KmBoAS0TAlGg4L2w1u2BjIG4p00TArLVDhDvSXk Kz1XFaCxApovO4omJClbWu5dlG2/86sFDXkRlE0ez8CLFO+8Jo8uhOnQbq/DAU4NGPEaC3 Qrx328X4mLamFvi0/dqXPAIvx4K8QPQ= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=R0WGwn2s; dmarc=pass (policy=none) header.from=kernel.org; spf=pass (imf27.hostedemail.com: domain of kuba@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=kuba@kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1691118735; a=rsa-sha256; cv=none; b=UB3OfAHpaAvJF1Zqxjv53tiJrmeQv9iEQAiIK/bVGWEoCxGN4GdCrlZIv2iCNf3HbnXzhz /q/TCmWT9pmzBaildcSCNNywvezk4RIzS5OEA5VHHWm5/MKglL8VEC9w5Pc1K++U7EdC1U S/TfVQsw+MRAzTFHrQVHL7BCwn9y5WU= Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 740F861E94; Fri, 4 Aug 2023 03:12:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 049F2C433C7; Fri, 4 Aug 2023 03:12:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1691118733; bh=JRNDrr8Q5XicQAEnr/UMUDvJf9uks/FyRXeJTq4Lonc=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=R0WGwn2s0vAe/DsI3XGK11OMvfOJmtznPvIDw84m40aHVTpIpcqb2BBYLuzfuLVXk dZ9acA9IAQwtQzTU28t9fuHvoxracxbRDCqOkzLX1LeJe0NAsASu8TMADmINbZgGdd BX1P/gy9WCmjlM0BVG0hX4jELQWFjCNAAo0NB2evy4APrirEumPedKRUVDBkxVBYCa fUd1SRVIjlviVLoEWElgozH8jaA3DN65SmuYGQbu3LeHFnLKFAiUC4/TJ29BR+GhsW RhGkM/EcwsZYTxHL13maI270zR85GYjtNQTRlmot3tdxlHuqRiD6Jvh+6E17duy9Fk pAi6/OWVkJa3g== Date: Thu, 3 Aug 2023 20:12:12 -0700 From: Jakub Kicinski To: Tariq Toukan Cc: David Howells , netdev@vger.kernel.org, "David S. Miller" , Eric Dumazet , Paolo Abeni , Willem de Bruijn , David Ahern , Matthew Wilcox , Al Viro , Christoph Hellwig , Jens Axboe , Jeff Layton , Christian Brauner , Chuck Lever III , Linus Torvalds , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Boris Pismenny , John Fastabend , Gal Pressman , ranro@nvidia.com, samiram@nvidia.com, drort@nvidia.com, Tariq Toukan Subject: Re: [PATCH net-next v10 08/16] tls: Inline do_tcp_sendpages() Message-ID: <20230803201212.1d5dd0f9@kernel.org> In-Reply-To: <852cef0c-2c1a-fdcd-4ee9-4a0bca3f54c5@gmail.com> References: <4c49176f-147a-4283-f1b1-32aac7b4b996@gmail.com> <20230522121125.2595254-1-dhowells@redhat.com> <20230522121125.2595254-9-dhowells@redhat.com> <2267272.1686150217@warthog.procyon.org.uk> <5a9d4ffb-a569-3f60-6ac8-070ab5e5f5ad@gmail.com> <776549.1687167344@warthog.procyon.org.uk> <7337a904-231d-201d-397a-7bbe7cae929f@gmail.com> <20230630102143.7deffc30@kernel.org> <20230705091914.5bee12f8@kernel.org> <20230725173036.442ba8ba@kernel.org> <852cef0c-2c1a-fdcd-4ee9-4a0bca3f54c5@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 8FD0840008 X-Stat-Signature: c6yyuea637s84po8eusxecx183bwd7t7 X-Rspam-User: X-HE-Tag: 1691118735-137263 X-HE-Meta: U2FsdGVkX19TJt5z9IBSNGP5K9qo0qwbhtj/YmxNTFBk6V/N3XoGRb7wWtZ5aoEKBaA7XOFXk0LlziZA8OW1ZuNWIAPREOE+P6E4Nj9cx17+1kv/+hvZTuSOv4bt2F/b6V9ZsqkWYDmCjDgaSIJ7KnuJFLs6nvGiOSbv+fZSuTKrZRo4uw9Xj/BUyp8GcwLo9tIz5DzKIKdb+9/IhASzi9Gm6oVav2lmt1PXL06RkX1WIP7P8EjpmJzW0ddfqZpMFpyoYTGpcJ+76BuXsoOHMLkBu8aWqEdmzN3Ci0drAeZil+5QV/x4JbPKk3v+jpgeFBdQl1gXm6AXbyk++nj7IW0XEB9B02SjHQw3bxSS5ZylPQZEHaJe9slbsjBlsIoPp3sLEQZJEhBazSqwzwQ88Yx9ba762mjet0+7MSMiQ7GCCG5/NoOnJftbmXYu4955R7Nwkg6PwYEYSChNjG5X8ZO3PBhlnSuiVl6ry0vdGUBg94DVeMBS6qeVZPXBczlL5m2BKOmsdRsVaIDGiZttXVsmKKao4/pNN7XHdSAAT9ppblwdr/77ticSk8f8eNYlUEIVebKLBne4j7pt35f2kSV5XPH74C/UXERWHb96hSOtSTMjqfJpv9iif0owqujbJ88505pML/7NEHLrc9TYu6NYgwq4b0hzTDbXZA0oiD/FoMEVJo0J7mU3zWdxJKHAx0yzBATSRRwA5UhtrYqJ9lEVqWXVnf4ZaP1Uhb0aeu/m5trTlGVUKVIKqQjmZbkqyXPKtanZkft/Zft7+3kQu1kNB2MIOKQwJEGSzZ5LEjygVt6K3wtAmWbDkxE74knY+bGjvisccqPTDOPViQJfyc8fYnvx8BU3m86MIb6KyacMbma6/L1ifazOh092cea9gRrYR9sWj2wd7kdW8J+VnDGC465paqKgO3MM+KN0TbbTJMZ5egQvUnDWJaW2XWGD50fvFnK3jp80n8f6s2H zegCV+gD GSyIyuo0NgJwohp3ShAROXZFgumdkuzfcdYoTab+hUR1lJBwJ+ceMT7nOtJ5ZIXIC7xvnIm6BNd9YysYdDx0vUWRpyf6UoljGC4dSuYELfReWw8Y6BC7ZcMcT/QIZWCM4NBU0fyIVphG/IlU4bZ9EJdXsjTd0EDTWeCkT6ess9QjRJ4DgpCahCYM1r42CdYEF6TFDsB+dVgphnT1Yrdp+GuiCIAzf/RoJFyvs1mZPS7l0JsJ0mnQWp0dVWyiSFlNAdN7HhAt/QSX05wXlKlrhfrigdjb8V2pinxOr6Te63s63L/2RkMAKRqYQzdINf/+FKGnjGw20h5QWTED6LB47VkFyixUkfkL6I00CUbtdzRSXGErWljgNJpNeDUklTfMf4PfYzrHGM18fGGmPz50xbCflRSEqEHO3hXocimqvihzrn4pMhsqPVqNYDA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, 3 Aug 2023 14:47:35 +0300 Tariq Toukan wrote: > When applying this patch, repro disappears! :) > Apparently it is related to the warning. > Please go on and submit it. I have no idea how. I found a different bug, staring at this code for another hour. But I still don't get how we can avoid UaF on a page by having the TCP take a ref on it rather than copy it. If anything we should have 2 refs on any page in the sg, one because it's on the sg, and another held by the re-tx handling. So I'm afraid we're papering over something here :( We need to keep digging.