From: Justin Worrell <jworrell@gmail.com>
To: Olga Kornievskaia <aglo@umich.edu>
Cc: linux-nfs@vger.kernel.org, smayhew@redhat.com,
trondmy@hammerspace.com, okorniev@redhat.com
Subject: Re: [PATCH] xs_sock_recv_cmsg failing to call xs_sock_process_cmsg
Date: Tue, 2 Sep 2025 15:46:33 -0500 [thread overview]
Message-ID: <851ebd04-8f9c-4a17-aa55-654c021f07a5@gmail.com> (raw)
In-Reply-To: <CAN-5tyGHKCt0KhTt2jKNdx77H3RcgY-xPKwkL4udvciR99=rrw@mail.gmail.com>
On 9/2/25 11:21 AM, Olga Kornievskaia wrote:
> On Tue, Sep 2, 2025 at 8:27 AM Justin Worrell <jworrell@gmail.com> wrote:
>>
>> xs_sock_recv_cmsg was failing to call xs_sock_process_cmsg for any cmsg
>> type other than TLS_RECORD_TYPE_ALERT (TLS_RECORD_TYPE_DATA, and other
>> values not handled.) Based on my reading of the previous commit
>> (cc5d5908: sunrpc: fix client side handling of tls alerts), it looks
>> like only iov_iter_revert should be conditional on TLS_RECORD_TYPE_ALERT
>> (but that other cmsg types should still call xs_sock_process_cmsg). On
>> my machine, I was unable to connect (over mtls) to an NFS share hosted
>> on FreeBSD. With this patch applied, I am able to mount the share again.
>
> Thanks for the catch Justin. Indeed, the client fails to return an
> error in case it receives anything other than TLS DATA or TLS ALERT.
> Could you tell what kind of TLS message the FreeBSD server is sending?
> Either a network trace or turning on tls_contentype tracepoint should
> show what type the client has been receiving.
Hi Olga,
Unfortunately, I don't know much (anything, really) about Kernel
debugging or the SSL protocol. I do have root on both boxes and am happy
to provide whatever information would help with better understanding the
issue. Could you provide some guidance (even if just where to go to
rtfm) to fetch the requested info? I don't imagine just a tcpdump of the
ciphertext is sufficient. If providing this assistance is too spammy for
the list, it is okay to reach out off-list.
>> ---
>> diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
>> --- a/net/sunrpc/xprtsock.c (revision
>> b320789d6883cc00ac78ce83bccbfe7ed58afcf0)
>> +++ b/net/sunrpc/xprtsock.c (date 1756813457481)
>> @@ -407,9 +407,9 @@
>> iov_iter_kvec(&msg.msg_iter, ITER_DEST, &alert_kvec, 1,
>> alert_kvec.iov_len);
>> ret = sock_recvmsg(sock, &msg, flags);
>> - if (ret > 0 &&
>> - tls_get_record_type(sock->sk, &u.cmsg) == TLS_RECORD_TYPE_ALERT) {
>> - iov_iter_revert(&msg.msg_iter, ret);
>> + if (ret > 0) {
>> + if (tls_get_record_type(sock->sk, &u.cmsg) == TLS_RECORD_TYPE_ALERT)
>> + iov_iter_revert(&msg.msg_iter, ret);
>> ret = xs_sock_process_cmsg(sock, &msg, msg_flags, &u.cmsg,
>> -EAGAIN);
>> }
>>
next prev parent reply other threads:[~2025-09-02 20:46 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-02 11:58 [PATCH] xs_sock_recv_cmsg failing to call xs_sock_process_cmsg Justin Worrell
2025-09-02 16:21 ` Olga Kornievskaia
2025-09-02 20:46 ` Justin Worrell [this message]
2025-09-02 21:11 ` Olga Kornievskaia
2025-09-02 23:06 ` Justin Worrell
2025-09-03 16:39 ` Olga Kornievskaia
2025-09-03 20:54 ` Scott Mayhew
2025-09-04 14:32 ` [PATCH v2 0/1] call xs_sock_process_cmsg for all cmsg Justin Worrell
2025-09-04 14:33 ` [PATCH v2 1/1] " Justin Worrell
2025-09-04 17:12 ` [PATCH v2 0/1] " Scott Mayhew
2025-09-04 21:09 ` [PATCH v3] " Justin Worrell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=851ebd04-8f9c-4a17-aa55-654c021f07a5@gmail.com \
--to=jworrell@gmail.com \
--cc=aglo@umich.edu \
--cc=linux-nfs@vger.kernel.org \
--cc=okorniev@redhat.com \
--cc=smayhew@redhat.com \
--cc=trondmy@hammerspace.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox