[11/12] cifs: Fix problem with encrypted RDMA data read

Message ID	20230131182855.4027499-12-dhowells@redhat.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-cifs-owner@vger.kernel.org> From: David Howells <dhowells@redhat.com> To: Steve French <smfrench@gmail.com> Cc: David Howells <dhowells@redhat.com>, Al Viro <viro@zeniv.linux.org.uk>, Shyam Prasad N <nspmangalore@gmail.com>, Rohith Surabattula <rohiths.msft@gmail.com>, Tom Talpey <tom@talpey.com>, Stefan Metzmacher <metze@samba.org>, Christoph Hellwig <hch@infradead.org>, Matthew Wilcox <willy@infradead.org>, Jeff Layton <jlayton@kernel.org>, linux-cifs@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Long Li <longli@microsoft.com>, Namjae Jeon <linkinjeon@kernel.org> Subject: [PATCH 11/12] cifs: Fix problem with encrypted RDMA data read Date: Tue, 31 Jan 2023 18:28:54 +0000 Message-Id: <20230131182855.4027499-12-dhowells@redhat.com> In-Reply-To: <20230131182855.4027499-1-dhowells@redhat.com> References: <20230131182855.4027499-1-dhowells@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	smb3: Use iov_iters down to the network transport and fix DIO page pinning \| expand [00/12] smb3: Use iov_iters down to the network transport and fix DIO page pinning [01/12] netfs: Add a function to extract a UBUF or IOVEC into a BVEC iterator [02/12] netfs: Add a function to extract an iterator into a scatterlist [03/12] cifs: Implement splice_read to pass down ITER_BVEC not ITER_PIPE [04/12] cifs: Add a function to build an RDMA SGE list from an iterator [05/12] cifs: Add a function to Hash the contents of an iterator [06/12] cifs: Add some helper functions [07/12] cifs: Add a function to read into an iter from a socket [09/12] cifs: Build the RDMA SGE list directly from an iterator [10/12] cifs: Remove unused code [11/12] cifs: Fix problem with encrypted RDMA data read [12/12] cifs: DIO to/from KVEC-type iterators should now work

Message ID

20230131182855.4027499-12-dhowells@redhat.com (mailing list archive)

State

New, archived

Headers

From: David Howells <dhowells@redhat.com>
To: Steve French <smfrench@gmail.com>
Cc: David Howells <dhowells@redhat.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        Shyam Prasad N <nspmangalore@gmail.com>,
        Rohith Surabattula <rohiths.msft@gmail.com>,
        Tom Talpey <tom@talpey.com>,
        Stefan Metzmacher <metze@samba.org>,
        Christoph Hellwig <hch@infradead.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jeff Layton <jlayton@kernel.org>, linux-cifs@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
        Long Li <longli@microsoft.com>,
        Namjae Jeon <linkinjeon@kernel.org>
Subject: [PATCH 11/12] cifs: Fix problem with encrypted RDMA data read
Date: Tue, 31 Jan 2023 18:28:54 +0000
Message-Id: <20230131182855.4027499-12-dhowells@redhat.com>
In-Reply-To: <20230131182855.4027499-1-dhowells@redhat.com>
References: <20230131182855.4027499-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

smb3: Use iov_iters down to the network transport and fix DIO page pinning | expand

Commit Message

David Howells Jan. 31, 2023, 6:28 p.m. UTC

When the cifs client is talking to the ksmbd server by RDMA and the ksmbd
server has "smb3 encryption = yes" in its config file, the normal PDU
stream is encrypted, but the directly-delivered data isn't in the stream
(and isn't encrypted), but is rather delivered by DDP/RDMA packets (at
least with IWarp).

Currently, the direct delivery fails with:

   buf can not contain only a part of read data
   WARNING: CPU: 0 PID: 4619 at fs/cifs/smb2ops.c:4731 handle_read_data+0x393/0x405
   ...
   RIP: 0010:handle_read_data+0x393/0x405
   ...
    smb3_handle_read_data+0x30/0x37
    receive_encrypted_standard+0x141/0x224
    cifs_demultiplex_thread+0x21a/0x63b
    kthread+0xe7/0xef
    ret_from_fork+0x22/0x30

The problem apparently stemming from the fact that it's trying to manage
the decryption, but the data isn't in the smallbuf, the bigbuf or the page
array).

This can be fixed simply by inserting an extra case into handle_read_data()
that checks to see if use_rdma_mr is true, and if it is, just setting
rdata->got_bytes to the length of data delivered and allowing normal
continuation.

This can be seen in an IWarp packet trace.  With the upstream code, it does
a DDP/RDMA packet, which produces the warning above and then retries,
retrieving the data inline, spread across several SMBDirect messages that
get glued together into a single PDU.  With the patch applied, only the
DDP/RDMA packet is seen.

Note that this doesn't happen if the server isn't told to encrypt stuff and
it does also happen with softRoCE.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <smfrench@gmail.com>
cc: Tom Talpey <tom@talpey.com>
cc: Long Li <longli@microsoft.com>
cc: Namjae Jeon <linkinjeon@kernel.org>
cc: Stefan Metzmacher <metze@samba.org>
cc: linux-cifs@vger.kernel.org

Link: https://lore.kernel.org/r/166855224228.1998592.2212551359609792175.stgit@warthog.procyon.org.uk/ # v1
---
 fs/cifs/smb2ops.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Christoph Hellwig Feb. 1, 2023, 1:36 p.m. UTC | #1

On Tue, Jan 31, 2023 at 06:28:54PM +0000, David Howells wrote:
> When the cifs client is talking to the ksmbd server by RDMA and the ksmbd
> server has "smb3 encryption = yes" in its config file, the normal PDU
> stream is encrypted, but the directly-delivered data isn't in the stream
> (and isn't encrypted), but is rather delivered by DDP/RDMA packets (at
> least with IWarp).

This really needs to be split into a separate backportable fix series.
And it seems like Stefan has just send such a series.

Stefan Metzmacher Feb. 1, 2023, 2 p.m. UTC | #2

Am 01.02.23 um 14:36 schrieb Christoph Hellwig:
> On Tue, Jan 31, 2023 at 06:28:54PM +0000, David Howells wrote:
>> When the cifs client is talking to the ksmbd server by RDMA and the ksmbd
>> server has "smb3 encryption = yes" in its config file, the normal PDU
>> stream is encrypted, but the directly-delivered data isn't in the stream
>> (and isn't encrypted), but is rather delivered by DDP/RDMA packets (at
>> least with IWarp).
> 
> This really needs to be split into a separate backportable fix series.
> And it seems like Stefan has just send such a series.

My changes are triggered by this commit...

Now I'm looking more closely as I didn't understand it...

Stefan Metzmacher Feb. 1, 2023, 2:05 p.m. UTC | #3

Am 31.01.23 um 19:28 schrieb David Howells:
> When the cifs client is talking to the ksmbd server by RDMA and the ksmbd
> server has "smb3 encryption = yes" in its config file, the normal PDU
> stream is encrypted, but the directly-delivered data isn't in the stream
> (and isn't encrypted), but is rather delivered by DDP/RDMA packets (at
> least with IWarp).
> 
> Currently, the direct delivery fails with:
> 
>     buf can not contain only a part of read data
>     WARNING: CPU: 0 PID: 4619 at fs/cifs/smb2ops.c:4731 handle_read_data+0x393/0x405
>     ...
>     RIP: 0010:handle_read_data+0x393/0x405
>     ...
>      smb3_handle_read_data+0x30/0x37
>      receive_encrypted_standard+0x141/0x224
>      cifs_demultiplex_thread+0x21a/0x63b
>      kthread+0xe7/0xef
>      ret_from_fork+0x22/0x30
> 
> The problem apparently stemming from the fact that it's trying to manage
> the decryption, but the data isn't in the smallbuf, the bigbuf or the page
> array).
> 
> This can be fixed simply by inserting an extra case into handle_read_data()
> that checks to see if use_rdma_mr is true, and if it is, just setting
> rdata->got_bytes to the length of data delivered and allowing normal
> continuation.
> 
> This can be seen in an IWarp packet trace.  With the upstream code, it does
> a DDP/RDMA packet, which produces the warning above and then retries,
> retrieving the data inline, spread across several SMBDirect messages that
> get glued together into a single PDU.  With the patch applied, only the
> DDP/RDMA packet is seen.
> 
> Note that this doesn't happen if the server isn't told to encrypt stuff and
> it does also happen with softRoCE.
> 
> Signed-off-by: David Howells <dhowells@redhat.com>
> cc: Steve French <smfrench@gmail.com>
> cc: Tom Talpey <tom@talpey.com>
> cc: Long Li <longli@microsoft.com>
> cc: Namjae Jeon <linkinjeon@kernel.org>
> cc: Stefan Metzmacher <metze@samba.org>
> cc: linux-cifs@vger.kernel.org
> 
> Link: https://lore.kernel.org/r/166855224228.1998592.2212551359609792175.stgit@warthog.procyon.org.uk/ # v1
> ---
>   fs/cifs/smb2ops.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
> index cea578a45ed8..73b66ac86abf 100644
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -4733,6 +4733,9 @@ handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid,
>   		if (length < 0)
>   			return length;
>   		rdata->got_bytes = data_len;
> +	} else if (use_rdma_mr) {
> +		/* The data was delivered directly by RDMA. */
> +		rdata->got_bytes = data_len;

I actually don't understand why this would only be a problem with encryption.

I guess there's much more needed and data_offset should most likely be
ignored completely in the rdma offload case. So I'd guess its just luck
that we don't trigger the below warning/error more often.

>   	} else {
>   		/* read response payload cannot be in both buf and pages */
>   		WARN_ONCE(1, "buf can not contain only a part of read data");
>

Stefan Metzmacher Feb. 1, 2023, 2:52 p.m. UTC | #4

Am 01.02.23 um 15:05 schrieb Stefan Metzmacher:
> Am 31.01.23 um 19:28 schrieb David Howells:
>> When the cifs client is talking to the ksmbd server by RDMA and the ksmbd
>> server has "smb3 encryption = yes" in its config file, the normal PDU
>> stream is encrypted, but the directly-delivered data isn't in the stream
>> (and isn't encrypted), but is rather delivered by DDP/RDMA packets (at
>> least with IWarp).
>>
>> Currently, the direct delivery fails with:
>>
>>     buf can not contain only a part of read data
>>     WARNING: CPU: 0 PID: 4619 at fs/cifs/smb2ops.c:4731 handle_read_data+0x393/0x405
>>     ...
>>     RIP: 0010:handle_read_data+0x393/0x405
>>     ...
>>      smb3_handle_read_data+0x30/0x37
>>      receive_encrypted_standard+0x141/0x224
>>      cifs_demultiplex_thread+0x21a/0x63b
>>      kthread+0xe7/0xef
>>      ret_from_fork+0x22/0x30
>>
>> The problem apparently stemming from the fact that it's trying to manage
>> the decryption, but the data isn't in the smallbuf, the bigbuf or the page
>> array).
>>
>> This can be fixed simply by inserting an extra case into handle_read_data()
>> that checks to see if use_rdma_mr is true, and if it is, just setting
>> rdata->got_bytes to the length of data delivered and allowing normal
>> continuation.
>>
>> This can be seen in an IWarp packet trace.  With the upstream code, it does
>> a DDP/RDMA packet, which produces the warning above and then retries,
>> retrieving the data inline, spread across several SMBDirect messages that
>> get glued together into a single PDU.  With the patch applied, only the
>> DDP/RDMA packet is seen.
>>
>> Note that this doesn't happen if the server isn't told to encrypt stuff and
>> it does also happen with softRoCE.
>>
>> Signed-off-by: David Howells <dhowells@redhat.com>
>> cc: Steve French <smfrench@gmail.com>
>> cc: Tom Talpey <tom@talpey.com>
>> cc: Long Li <longli@microsoft.com>
>> cc: Namjae Jeon <linkinjeon@kernel.org>
>> cc: Stefan Metzmacher <metze@samba.org>
>> cc: linux-cifs@vger.kernel.org
>>
>> Link: https://lore.kernel.org/r/166855224228.1998592.2212551359609792175.stgit@warthog.procyon.org.uk/ # v1
>> ---
>>   fs/cifs/smb2ops.c | 3 +++
>>   1 file changed, 3 insertions(+)
>>
>> diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
>> index cea578a45ed8..73b66ac86abf 100644
>> --- a/fs/cifs/smb2ops.c
>> +++ b/fs/cifs/smb2ops.c
>> @@ -4733,6 +4733,9 @@ handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid,
>>           if (length < 0)
>>               return length;
>>           rdata->got_bytes = data_len;
>> +    } else if (use_rdma_mr) {
>> +        /* The data was delivered directly by RDMA. */
>> +        rdata->got_bytes = data_len;
> 
> I actually don't understand why this would only be a problem with encryption.
> 
> I guess there's much more needed and data_offset should most likely be
> ignored completely in the rdma offload case. So I'd guess its just luck
> that we don't trigger the below warning/error more often.

I guess it might be related to smb3_handle_read_data passing
server->pdu_size to handle_read_data(), while server->pdu_size is
the outer size of the transform and not the size of the decrypted pdu.

Maybe receive_encrypted_standard() needs to reset server->pdu_size
during this:

         if (mid_entry && mid_entry->handle)
                 ret = mid_entry->handle(server, mid_entry);
         else
                 ret = cifs_handle_standard(server, mid_entry);

But this code is so overly complex, that's way to hard to understand...

diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index cea578a45ed8..73b66ac86abf 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -4733,6 +4733,9 @@  handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid,
 		if (length < 0)
 			return length;
 		rdata->got_bytes = data_len;
+	} else if (use_rdma_mr) {
+		/* The data was delivered directly by RDMA. */
+		rdata->got_bytes = data_len;
 	} else {
 		/* read response payload cannot be in both buf and pages */
 		WARN_ONCE(1, "buf can not contain only a part of read data");

[11/12] cifs: Fix problem with encrypted RDMA data read

Commit Message

Comments

Patch