[net,0/2] tls fixes for SPLICE with more hint

Message

John Fastabend Jan. 10, 2024, 10:01 p.m. UTC

Syzbot found a splat where it tried to splice data over a tls socket
with the more hint and sending greater than the number of frags that
fit in a msg scatterlist. This resulted in an error where we do not
correctly send the data when the msg sg is full. The more flag being
just a hint not a strict contract. This then results in the syzbot
warning on the next send.

Edward generated an initial patch for this which checked for a full
msg on entry to the sendmsg hook.  This fixed the WARNING, but didn't
fully resolve the issue because the full msg_pl scatterlist was never
sent resulting in a stuck socket. In this series instead avoid the
situation by forcing the send on the splice that fills the scatterlist.

Also in original thread I mentioned it didn't seem to be enough to
simply fix the send on full sg problem. That was incorrect and was
really a bug in my test program that was hanging the test program.
I had setup a repair socket and wasn't handling it correctly so my
tester got stuck.

Thanks. Please review. Fix in patch 1 and test in patch 2.


John Fastabend (2):
  net: tls, fix WARNIING in __sk_msg_free
  net: tls, add test to capture error on large splice

 net/tls/tls_sw.c                  |  6 +++++-
 tools/testing/selftests/net/tls.c | 14 ++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)