net/tls: sendfile fails with ktls offload (ea1dd3e9) · Commits · 戴 / test

At first when sendpage gets called, if there is more data, 'more' in tls_push_data() gets set which later sets pending_open_record_frags, but when there is no more data in file left, and last time tls_push_data() gets called, pending_open_record_frags doesn't get reset. And later when 2 bytes of encrypted alert comes as sendmsg, it first checks for pending_open_record_frags, and since this is set, it creates a record with 0 data bytes to encrypt, meaning record length is prepend_size + tag_size only, which causes problem. We should set/reset pending_open_record_frags based on more bit. Fixes: ("net/tls: Add generic NIC offload infrastructure") Signed-off-by:

Rohit Maheshwari <rohitm@chelsio.com> Signed-off-by:

Jakub Kicinski <kuba@kernel.org>

net/tls/tls_device.c

+6 −5

Original line number	Diff line number	Diff line
		@@ -418,14 +418,14 @@ static int tls_push_data(struct sock *sk,
		struct tls_context *tls_ctx = tls_get_ctx(sk);
		struct tls_prot_info *prot = &tls_ctx->prot_info;
		struct tls_offload_context_tx *ctx = tls_offload_ctx_tx(tls_ctx);
		int more = flags & (MSG_SENDPAGE_NOTLAST \| MSG_MORE);
		struct tls_record_info *record = ctx->open_record;
		int tls_push_record_flags;
		struct page_frag *pfrag;
		size_t orig_size = size;
		u32 max_open_record_len;
		int copy, rc = 0;
		bool more = false;
		bool done = false;
		int copy, rc = 0;
		long timeo;

		if (flags &
		@@ -492,9 +492,8 @@ handle_error:
		if (!size) {
		last_record:
		tls_push_record_flags = flags;
		if (more) {
		tls_ctx->pending_open_record_frags =
		!!record->num_frags;
		if (flags & (MSG_SENDPAGE_NOTLAST \| MSG_MORE)) {
		more = true;
		break;
		}

		@@ -526,6 +525,8 @@ last_record:
		}
		} while (!done);

		tls_ctx->pending_open_record_frags = more;

		if (orig_size - size > 0)
		rc = orig_size - size;

Admin message