[PATCH net-next 07/10] tls: rx: return the already-copied data on crypto error

public inbox for netdev@vger.kernel.org 
 help / color / mirror / Atom feed

From: Jakub Kicinski <kuba@kernel•org>
To: davem@davemloft•net, pabeni@redhat•com
Cc: netdev@vger•kernel.org, borisp@nvidia•com,
	john.fastabend@gmail•com, daniel@iogearbox•net,
	vfedorenko@novek•ru, Jakub Kicinski <kuba@kernel•org>
Subject: [PATCH net-next 07/10] tls: rx: return the already-copied data on crypto error
Date: Mon, 11 Apr 2022 12:19:14 -0700	[thread overview]
Message-ID: <20220411191917.1240155-8-kuba@kernel.org> (raw)
In-Reply-To: <20220411191917.1240155-1-kuba@kernel.org>

async crypto handler will report the socket error no need
to report it again. We can, however, let the data we already
copied be reported to user space but we need to make sure
the error will be reported next time around.

Signed-off-by: Jakub Kicinski <kuba@kernel•org>
---
 net/tls/tls_sw.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index bba69706aea9..b5d1393aa8d4 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1747,6 +1747,11 @@ int tls_sw_recvmsg(struct sock *sk,
 	lock_sock(sk);
 	bpf_strp_enabled = sk_psock_strp_enabled(psock);
 
+	/* If crypto failed the connection is broken */
+	err = ctx->async_wait.err;
+	if (err)
+		goto end;
+
 	/* Process pending decrypted records. It must be non-zero-copy */
 	err = process_rx_list(ctx, msg, &control, 0, len, false, is_peek);
 	if (err < 0)
@@ -1877,7 +1882,7 @@ int tls_sw_recvmsg(struct sock *sk,
 
 recv_end:
 	if (async) {
-		int pending;
+		int ret, pending;
 
 		/* Wait for all previously submitted records to be decrypted */
 		spin_lock_bh(&ctx->decrypt_compl_lock);
@@ -1885,11 +1890,10 @@ int tls_sw_recvmsg(struct sock *sk,
 		pending = atomic_read(&ctx->decrypt_pending);
 		spin_unlock_bh(&ctx->decrypt_compl_lock);
 		if (pending) {
-			err = crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
-			if (err) {
-				/* one of async decrypt failed */
-				tls_err_abort(sk, err);
-				copied = 0;
+			ret = crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
+			if (ret) {
+				if (err >= 0 || err == -EINPROGRESS)
+					err = ret;
 				decrypted = 0;
 				goto end;
 			}
-- 
2.34.1

next prev parent reply	other threads:[~2022-04-11 19:19 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-11 19:19 [PATCH net-next 00/10] tls: rx: random refactoring part 3 Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 01/10] tls: rx: consistently use unlocked accessors for rx_list Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 02/10] tls: rx: reuse leave_on_list label for psock Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 03/10] tls: rx: move counting TlsDecryptErrors for sync Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 04/10] tls: rx: don't handle TLS 1.3 in the async crypto callback Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 05/10] tls: rx: assume crypto always calls our callback Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 06/10] tls: rx: treat process_rx_list() errors as transient Jakub Kicinski
2022-04-11 19:19 ` Jakub Kicinski [this message]
2022-04-11 19:19 ` [PATCH net-next 08/10] tls: rx: use async as an in-out argument Jakub Kicinski
2022-04-25  7:19   ` Gal Pressman
2022-04-25 14:54     ` Jakub Kicinski
2022-04-26  6:08       ` Gal Pressman
2022-04-11 19:19 ` [PATCH net-next 09/10] tls: rx: use MAX_IV_SIZE for allocations Jakub Kicinski
2022-04-11 19:19 ` [PATCH net-next 10/10] tls: rx: only copy IV from the packet for TLS 1.2 Jakub Kicinski
2022-04-13 11:00 ` [PATCH net-next 00/10] tls: rx: random refactoring part 3 patchwork-bot+netdevbpf

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:bba69706aea dfblob:b5d1393aa8d )
 OR (
bs:"[PATCH net-next 07/10] tls: rx: return the already-copied data on crypto error" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220411191917.1240155-8-kuba@kernel.org \
    --to=kuba@kernel$(echo .)org \
    --cc=borisp@nvidia$(echo .)com \
    --cc=daniel@iogearbox$(echo .)net \
    --cc=davem@davemloft$(echo .)net \
    --cc=john.fastabend@gmail$(echo .)com \
    --cc=netdev@vger$(echo .)kernel.org \
    --cc=pabeni@redhat$(echo .)com \
    --cc=vfedorenko@novek$(echo .)ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox