stuartl/linux-mainline
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux synced 2025-09-28 19:57:53 +10:00
Code Issues Releases Wiki Activity
50c6b58a81
linux-mainline/tools/testing/selftests/net
History
Daniel Borkmann 50c6b58a81 tls: fix currently broken MSG_PEEK behavior 
In kTLS MSG_PEEK behavior is currently failing, strace example:

  [pid  2430] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
  [pid  2430] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 4
  [pid  2430] bind(4, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
  [pid  2430] listen(4, 10)               = 0
  [pid  2430] getsockname(4, {sa_family=AF_INET, sin_port=htons(38855), sin_addr=inet_addr("0.0.0.0")}, [16]) = 0
  [pid  2430] connect(3, {sa_family=AF_INET, sin_port=htons(38855), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
  [pid  2430] setsockopt(3, SOL_TCP, 0x1f /* TCP_??? */, [7564404], 4) = 0
  [pid  2430] setsockopt(3, 0x11a /* SOL_?? */, 1, "\3\0033\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 40) = 0
  [pid  2430] accept(4, {sa_family=AF_INET, sin_port=htons(49636), sin_addr=inet_addr("127.0.0.1")}, [16]) = 5
  [pid  2430] setsockopt(5, SOL_TCP, 0x1f /* TCP_??? */, [7564404], 4) = 0
  [pid  2430] setsockopt(5, 0x11a /* SOL_?? */, 2, "\3\0033\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 40) = 0
  [pid  2430] close(4)                    = 0
  [pid  2430] sendto(3, "test_read_peek", 14, 0, NULL, 0) = 14
  [pid  2430] sendto(3, "_mult_recs\0", 11, 0, NULL, 0) = 11
  [pid  2430] recvfrom(5, "test_read_peektest_read_peektest"..., 64, MSG_PEEK, NULL, NULL) = 64

As can be seen from strace, there are two TLS records sent,
i) 'test_read_peek' and ii) '_mult_recs\0' where we end up
peeking 'test_read_peektest_read_peektest'. This is clearly
wrong, and what happens is that given peek cannot call into
tls_sw_advance_skb() to unpause strparser and proceed with
the next skb, we end up looping over the current one, copying
the 'test_read_peek' over and over into the user provided
buffer.

Here, we can only peek into the currently held skb (current,
full TLS record) as otherwise we would end up having to hold
all the original skb(s) (depending on the peek depth) in a
separate queue when unpausing strparser to process next
records, minimally intrusive is to return only up to the
current record's size (which likely was what c46234ebb4
("tls: RX path for ktls") originally intended as well). Thus,
after patch we properly peek the first record:

  [pid  2046] wait4(2075,  <unfinished ...>
  [pid  2075] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
  [pid  2075] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 4
  [pid  2075] bind(4, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
  [pid  2075] listen(4, 10)               = 0
  [pid  2075] getsockname(4, {sa_family=AF_INET, sin_port=htons(55115), sin_addr=inet_addr("0.0.0.0")}, [16]) = 0
  [pid  2075] connect(3, {sa_family=AF_INET, sin_port=htons(55115), sin_addr=inet_addr("0.0.0.0")}, 16) = 0
  [pid  2075] setsockopt(3, SOL_TCP, 0x1f /* TCP_??? */, [7564404], 4) = 0
  [pid  2075] setsockopt(3, 0x11a /* SOL_?? */, 1, "\3\0033\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 40) = 0
  [pid  2075] accept(4, {sa_family=AF_INET, sin_port=htons(45732), sin_addr=inet_addr("127.0.0.1")}, [16]) = 5
  [pid  2075] setsockopt(5, SOL_TCP, 0x1f /* TCP_??? */, [7564404], 4) = 0
  [pid  2075] setsockopt(5, 0x11a /* SOL_?? */, 2, "\3\0033\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 40) = 0
  [pid  2075] close(4)                    = 0
  [pid  2075] sendto(3, "test_read_peek", 14, 0, NULL, 0) = 14
  [pid  2075] sendto(3, "_mult_recs\0", 11, 0, NULL, 0) = 11
  [pid  2075] recvfrom(5, "test_read_peek", 64, MSG_PEEK, NULL, NULL) = 14

Fixes: c46234ebb4 ("tls: RX path for ktls")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-09-17 08:03:09 -07:00
..
forwarding selftests: forwarding: gre_multipath: Update next-hop statistics match criteria 2018-08-07 16:02:30 -07:00
.gitignore selftests/net: add tls to .gitignore 2018-07-26 09:37:21 -07:00
config selftests: net: add config fragments 2018-06-21 09:47:25 +09:00
fib_rule_tests.sh
fib_tests.sh net/ipv6: Revert attempt to simplify route replace and append 2018-07-04 15:22:13 +09:00
fib-onlink-tests.sh
in_netns.sh
ip6_gre_headroom.sh selftests: net: Test headroom handling of ip6_gre devices 2018-06-26 23:03:01 +09:00
Makefile selftests: tls: add selftests for TLS sockets 2018-07-16 13:33:10 -07:00
msg_zerocopy.c
msg_zerocopy.sh selftests/net: enable msg_zerocopy test 2018-06-04 09:49:39 -04:00
netdevice.sh
pmtu.sh selftests: pmtu: detect correct binary to ping ipv6 addresses 2018-08-31 23:14:20 -07:00
psock_fanout.c
psock_lib.h
psock_snd.c selftests/net: add packet socket packet_snd test 2018-06-04 09:50:01 -04:00
psock_snd.sh selftests/net: add packet socket packet_snd test 2018-06-04 09:50:01 -04:00
psock_tpacket.c
reuseaddr_conflict.c
reuseport_bpf_cpu.c
reuseport_bpf_numa.c
reuseport_bpf.c
reuseport_dualstack.c
rtnetlink.sh selftests: rtnetlink: add ipsec offload API test 2018-06-28 16:10:08 +09:00
run_afpackettests
run_netsocktests
socket.c
tcp_inq.c
tcp_mmap.c selftest/net: fix protocol family to work for IPv4. 2018-08-02 10:30:12 -07:00
test_bpf.sh
tls.c tls: fix currently broken MSG_PEEK behavior 2018-09-17 08:03:09 -07:00
udpgso_bench_rx.c
udpgso_bench_tx.c
udpgso_bench.sh selftests: in udpgso_bench do not test udp zerocopy 2018-07-12 16:56:50 -07:00
udpgso.c selftests/net: udpgso: test small gso_size boundary conditions 2018-06-04 09:49:39 -04:00
udpgso.sh