Message ID | 20201205113529.14574-1-vinay.yadav@chelsio.com |
---|---|
State | New |
Headers | show |
Series | [net,v2] net/tls: Fix kernel panic when socket is in tls toe mode | expand |
On Sat, 5 Dec 2020 17:05:30 +0530 Vinay Kumar Yadav wrote: > When socket is in tls-toe (TLS_HW_RECORD) and connections > are established in kernel stack, on every connection close > it clears tls context which is created once on socket creation, > causing kernel panic. fix it by not initializing listen in > kernel stack incase of tls-toe, allow listen in only adapter. IOW the socket will no longer be present in kernel's hash tables?
On 12/8/2020 11:49 PM, Jakub Kicinski wrote: > On Sat, 5 Dec 2020 17:05:30 +0530 Vinay Kumar Yadav wrote: >> When socket is in tls-toe (TLS_HW_RECORD) and connections >> are established in kernel stack, on every connection close >> it clears tls context which is created once on socket creation, >> causing kernel panic. fix it by not initializing listen in >> kernel stack incase of tls-toe, allow listen in only adapter. > > IOW the socket will no longer be present in kernel's hash tables? > Yes, when tls-toe devices are present.
On Wed, 9 Dec 2020 00:46:23 +0530 Vinay Kumar Yadav wrote: > On 12/8/2020 11:49 PM, Jakub Kicinski wrote: > > On Sat, 5 Dec 2020 17:05:30 +0530 Vinay Kumar Yadav wrote: > >> When socket is in tls-toe (TLS_HW_RECORD) and connections > >> are established in kernel stack, on every connection close > >> it clears tls context which is created once on socket creation, > >> causing kernel panic. fix it by not initializing listen in > >> kernel stack incase of tls-toe, allow listen in only adapter. > > > > IOW the socket will no longer be present in kernel's hash tables? > > Yes, when tls-toe devices are present. I don't think that's acceptable for a transparently enabled netdev-sanctioned feature.
diff --git a/net/tls/tls_toe.c b/net/tls/tls_toe.c index 7e1330f19..f38861ce9 100644 --- a/net/tls/tls_toe.c +++ b/net/tls/tls_toe.c @@ -81,7 +81,6 @@ int tls_toe_bypass(struct sock *sk) void tls_toe_unhash(struct sock *sk) { - struct tls_context *ctx = tls_get_ctx(sk); struct tls_toe_device *dev; spin_lock_bh(&device_spinlock); @@ -95,16 +94,13 @@ void tls_toe_unhash(struct sock *sk) } } spin_unlock_bh(&device_spinlock); - ctx->sk_proto->unhash(sk); } int tls_toe_hash(struct sock *sk) { - struct tls_context *ctx = tls_get_ctx(sk); struct tls_toe_device *dev; - int err; + int err = 0; - err = ctx->sk_proto->hash(sk); spin_lock_bh(&device_spinlock); list_for_each_entry(dev, &device_list, dev_list) { if (dev->hash) {