[PATCH 07/18] net/tls: sanitize MSG_EOR handling

Sagi Grimberg sagi at grimberg.me
Mon Apr 17 08:19:12 PDT 2023


> The TLS stack is using MSG_EOR internally, so the flag cannot be
> set for sendmsg()/sendpage(). But to avoid requiring the caller to
> check whether TLS is active, modify the code to clear the MSG_EOR
> flag. And blank out MSG_MORE / MSG_SENDPAGE_NOTLAST, too, as they
> conflict with MSG_EOR anyway.

This looks like a temporary workaround to me.

The networking folks really need to be CC'd on this (same for patch 6).

CC'ing Jakub for starters.

> Signed-off-by: Hannes Reinecke <hare at suse.de>
> ---
>   net/tls/tls_device.c | 10 ++++++++++
>   net/tls/tls_sw.c     | 21 +++++++++++++++++++++
>   2 files changed, 31 insertions(+)
> 
> diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
> index a7cc4f9faac2..38e44e216865 100644
> --- a/net/tls/tls_device.c
> +++ b/net/tls/tls_device.c
> @@ -576,6 +576,10 @@ int tls_device_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
>   	mutex_lock(&tls_ctx->tx_lock);
>   	lock_sock(sk);
>   
> +	/* MSG_EOR conflicts with MSG_MORE, so clear both */
> +	if (msg->msg_flags & MSG_EOR)
> +		msg->msg_flags &= ~(MSG_EOR | MSG_MORE);
> +
>   	if (unlikely(msg->msg_controllen)) {
>   		rc = tls_process_cmsg(sk, msg, &record_type);
>   		if (rc)
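Review bot: A caller that passes MSG_EOR together with MSG_MORE is making a contradictory request, and the block added to tls_device_sendmsg() silently resolves it in favour of MSG_EOR instead of reporting it. Because these flags decide where a TLS record is closed, hiding the conflict makes a caller bug hard to notice; rejecting the combination ahead of `mutex_lock(&tls_ctx->tx_lock)` with `if ((msg->msg_flags & (MSG_EOR | MSG_MORE)) == (MSG_EOR | MSG_MORE)) return -EINVAL;` and then clearing only MSG_EOR would keep the convenience for callers that set MSG_EOR alone. The same silent masking is added at the `flags &= ~(...)` lines in tls_device_sendpage(), tls_sw_sendmsg(), tls_sw_sendpage_locked() and tls_sw_sendpage(). The write also lands in the caller's `msg->msg_flags`; whether any caller reuses the msghdr afterwards is not visible here. The function body starts and ends outside the hunk.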
> @@ -604,6 +608,12 @@ int tls_device_sendpage(struct sock *sk, struct page *page,
>   	if (flags & MSG_SENDPAGE_NOTLAST)
>   		flags |= MSG_MORE;
>   
> +	/*
> +	 * MSG_EOR conflicts with MSG_MORE/MSG_SENDPAGE_NOTLAST,
> +	 * so clear all of them */
> +	if (flags & MSG_EOR)
> +		flags &= ~(MSG_EOR | MSG_SENDPAGE_NOTLAST | MSG_MORE);
> +
>   	mutex_lock(&tls_ctx->tx_lock);
>   	lock_sock(sk);
>   
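Review bot: The block comment added in tls_device_sendpage() closes with `*/` on its last text line, while the two comments added in tls_sw.c for the same masking put `*/` on its own line and use different wording; one form should be used throughout, so the closing `*/` here belongs on a line of its own. The three-flag mask `~(MSG_EOR | MSG_SENDPAGE_NOTLAST | MSG_MORE)` is also repeated verbatim in tls_sw_sendpage_locked() and tls_sw_sendpage(), so a single static helper that takes and returns `flags` would keep the three sendpage entry points from drifting apart. The function continues outside the hunk.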
> diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
> index 827292e29f99..d0e6b7a04176 100644
> --- a/net/tls/tls_sw.c
> +++ b/net/tls/tls_sw.c
> @@ -952,6 +952,11 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
>   	int ret = 0;
>   	int pending;
>   
> +	if (msg->msg_flags & MSG_EOR) {
> +		eor = true;
> +		/* MSG_EOR conflicts with MSG_MORE, so clear both */
> +		msg->msg_flags &= ~(MSG_EOR | MSG_MORE);
> +	}
>   	if (msg->msg_flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
>   			       MSG_CMSG_COMPAT))
>   		return -EOPNOTSUPP;
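Review bot: The comment in the new block of tls_sw_sendmsg() explains why the flags are cleared but not why `eor` is forced to true, and `eor` is declared outside this hunk. If it is initialised from MSG_MORE, as the assignment suggests, the block makes MSG_EOR override MSG_MORE for record closure, and that should be stated: `/* MSG_EOR ends the record and overrides MSG_MORE; strip both before the flag check */`. A blank line after the closing brace would also separate the block from the -EOPNOTSUPP check, which now runs on an already modified `msg->msg_flags` even when the call goes on to fail.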
> @@ -1274,6 +1279,14 @@ static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
>   int tls_sw_sendpage_locked(struct sock *sk, struct page *page,
>   			   int offset, size_t size, int flags)
>   {
> +	/*
> +	 * MSG_EOR is invalid for TLS, and conflicts
> +	 * with MSG_MORE / MSG_SENDPAGE_NOTLAST.
> +	 * So clear all of them.
> +	 */
> +	if (flags & MSG_EOR)
> +		flags &= ~(MSG_MORE | MSG_SENDPAGE_NOTLAST | MSG_EOR);
> +
>   	if (flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
>   		      MSG_SENDPAGE_NOTLAST | MSG_SENDPAGE_NOPOLICY |
>   		      MSG_NO_SHARED_FRAGS))
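Review bot: The comment in tls_sw_sendpage_locked() calls MSG_EOR "invalid for TLS", but the code accepts the flag and drops it, whereas the mask directly below rejects flags that really are unsupported (its return statement is outside the hunk, presumably -EOPNOTSUPP as in tls_sw_sendpage()). Wording that matches the behaviour would avoid the mismatch, for example `/* MSG_EOR is reserved for internal use by TLS; drop it, and the MSG_MORE / MSG_SENDPAGE_NOTLAST hints it contradicts, instead of failing the call */`. The identical comment added to tls_sw_sendpage() needs the same change.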
> @@ -1288,6 +1301,14 @@ int tls_sw_sendpage(struct sock *sk, struct page *page,
>   	struct tls_context *tls_ctx = tls_get_ctx(sk);
>   	int ret;
>   
> +	/*
> +	 * MSG_EOR is invalid for TLS, and conflicts
> +	 * with MSG_MORE / MSG_SENDPAGE_NOTLAST.
> +	 * So clear all of them.
> +	 */
> +	if (flags & MSG_EOR)
> +		flags &= ~(MSG_MORE | MSG_SENDPAGE_NOTLAST | MSG_EOR);
> +
>   	if (flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
>   		      MSG_SENDPAGE_NOTLAST | MSG_SENDPAGE_NOPOLICY))
>   		return -EOPNOTSUPP;


