From: Jakub Kicinski <kuba@kernel.org>
To: Eric Dumazet <edumazet@google.com>
Cc: davem@davemloft.net, netdev@vger.kernel.org, pabeni@redhat.com,
andrew+netdev@lunn.ch, horms@kernel.org, borisp@nvidia.com,
john.fastabend@gmail.com, shuah@kernel.org,
linux-kselftest@vger.kernel.org, sd@queasysnail.net,
will@willsroot.io, savy@syst3mfailure.io
Subject: Re: [PATCH net 1/2] tls: handle data disappearing from under the TLS ULP
Date: Wed, 6 Aug 2025 13:20:34 -0700 [thread overview]
Message-ID: <20250806132034.55292365@kernel.org> (raw)
In-Reply-To: <CANn89iKvW8jSrktWVd6g4m8qycp32-M=gFxwZRJ3LZi1h2Q80Q@mail.gmail.com>
On Wed, 6 Aug 2025 11:35:28 -0700 Eric Dumazet wrote:
> > TLS expects that it owns the receive queue of the TCP socket.
> > This cannot be guaranteed in case the reader of the TCP socket
> > entered before the TLS ULP was installed, or uses some non-standard
> > read API (eg. zerocopy ones). Make sure that the TCP sequence
> > numbers match between ->data_ready and ->recvmsg, otherwise
> > don't trust the work that ->data_ready has done.
> >
> > Signed-off-by: William Liu <will@willsroot.io>
> > Signed-off-by: Savino Dicanosa <savy@syst3mfailure.io>
>
> I presume you meant Reported-by tags ?
Oops..
> > Link: https://lore.kernel.org/tFjq_kf7sWIG3A7CrCg_egb8CVsT_gsmHAK0_wxDPJXfIzxFAMxqmLwp3MlU5EHiet0AwwJldaaFdgyHpeIUCS-3m3llsmRzp9xIOBR4lAI=@syst3mfailure.io
> > Fixes: 84c61fe1a75b ("tls: rx: do not use the standard strparser")
> > Signed-off-by: Jakub Kicinski <kuba@kernel.org>
> > ---
> > include/net/tls.h | 1 +
> > net/tls/tls.h | 2 +-
> > net/tls/tls_strp.c | 17 ++++++++++++++---
> > net/tls/tls_sw.c | 3 ++-
> > 4 files changed, 18 insertions(+), 5 deletions(-)
> >
> > diff --git a/include/net/tls.h b/include/net/tls.h
> > index 857340338b69..37344a39e4c9 100644
> > --- a/include/net/tls.h
> > +++ b/include/net/tls.h
> > @@ -117,6 +117,7 @@ struct tls_strparser {
> > bool msg_ready;
> >
> > struct strp_msg stm;
> > + u32 copied_seq;
>
> Can a 2^32 wrap occur eventually ?
Hm, good point. Is it good enough if we also check it in data_ready?
That way we should notice that someone is eating our data before
the seq had a chance to wrap?
next prev parent reply other threads:[~2025-08-06 20:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-06 18:05 [PATCH net 1/2] tls: handle data disappearing from under the TLS ULP Jakub Kicinski
2025-08-06 18:05 ` [PATCH net 2/2] selftests: tls: test TCP stealing data from under the TLS socket Jakub Kicinski
2025-08-06 18:35 ` [PATCH net 1/2] tls: handle data disappearing from under the TLS ULP Eric Dumazet
2025-08-06 20:20 ` Jakub Kicinski [this message]
2025-08-08 13:51 ` Eric Dumazet
2025-08-08 13:57 ` Jakub Kicinski
2025-08-08 14:06 ` Eric Dumazet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250806132034.55292365@kernel.org \
--to=kuba@kernel.org \
--cc=andrew+netdev@lunn.ch \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=linux-kselftest@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=savy@syst3mfailure.io \
--cc=sd@queasysnail.net \
--cc=shuah@kernel.org \
--cc=will@willsroot.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).