| Message ID | 20240904-ktls-wait-async-v1-1-a62892833110@pengutronix.de (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 54001d0f2fdbc7852136a00f3e6fc395a9547ae5 |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | net: tls: wait for async completion on last message | expand |
Hello: This patch was applied to netdev/net-next.git (main) by Jakub Kicinski <kuba@kernel.org>: On Wed, 04 Sep 2024 14:17:41 +0200 you wrote: > When asynchronous encryption is used KTLS sends out the final data at > proto->close time. This becomes problematic when the task calling > close() receives a signal. In this case it can happen that > tcp_sendmsg_locked() called at close time returns -ERESTARTSYS and the > final data is not sent. > > The described situation happens when KTLS is used in conjunction with > io_uring, as io_uring uses task_work_add() to add work to the current > userspace task. A discussion of the problem along with a reproducer can > be found in [1] and [2] > > [...] Here is the summary with links: - net: tls: wait for async completion on last message https://git.kernel.org/netdev/net-next/c/54001d0f2fdb You are awesome, thank you!
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 305a412785f50..bbf26cc4f6ee2 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1201,7 +1201,7 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg, if (!num_async) { goto send_end; - } else if (num_zc) { + } else if (num_zc || eor) { int err; /* Wait for pending encryptions to get completed */
When asynchronous encryption is used KTLS sends out the final data at proto->close time. This becomes problematic when the task calling close() receives a signal. In this case it can happen that tcp_sendmsg_locked() called at close time returns -ERESTARTSYS and the final data is not sent. The described situation happens when KTLS is used in conjunction with io_uring, as io_uring uses task_work_add() to add work to the current userspace task. A discussion of the problem along with a reproducer can be found in [1] and [2] Fix this by waiting for the asynchronous encryption to be completed on the final message. With this there is no data left to be sent at close time. [1] https://lore.kernel.org/all/20231010141932.GD3114228@pengutronix.de/ [2] https://lore.kernel.org/all/20240315100159.3898944-1-s.hauer@pengutronix.de/ Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> --- A previous attempt to solve this problem can be found here: https://lore.kernel.org/all/20240410-ktls-defer-close-v1-1-b59e6626b8e4@pengutronix.de/ This patch had KASAN issues when running the tls selftests. This is a new approach, solving the issue at send time, not at close time. This patch can now run the tls selftests successfully. --- net/tls/tls_sw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- base-commit: 431c1646e1f86b949fa3685efc50b660a364c2b6 change-id: 20240904-ktls-wait-async-0a4e9a513f6f Best regards,