authorJakub Kicinski <kuba@kernel.org>2022-07-15 07:22:25 +0200
committerDavid S. Miller <davem@davemloft.net>2022-07-18 12:24:10 +0200
commit4cbc325ed6b4dce4910be06d9d6940a8b919c59b (patch)
treee425c352dc8bf8f9d93bcc5b59d674d85ffbfb1d /include/net/tls.h
parentMerge branch 'net-smc-virt-contig-buffers' (diff)
tls: rx: allow only one reader at a time
recvmsg() in TLS gets data from the skb list (rx_list) or fresh skbs we read from TCP via strparser. The former holds skbs which were already decrypted for peek or decrypted and partially consumed. tls_wait_data() only notices appearance of fresh skbs coming out of TCP (or psock). It is possible, if there is a concurrent call to peek() and recv() that the peek() will move the data from input to rx_list without recv() noticing. recv() will then read data out of order or never wake up. This is not a practical use case/concern, but it makes the self tests less reliable. This patch solves the problem by allowing only one reader in. Because having multiple processes calling read()/peek() is not normal avoid adding a lock and try to fast-path the single reader case. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/tls.h')
-rw-r--r--include/net/tls.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/include/net/tls.h b/include/net/tls.h
index 8742e13bc362..e8935cfe0cd6 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -116,11 +116,14 @@ struct tls_sw_context_rx {
void (*saved_data_ready)(struct sock *sk);
struct sk_buff *recv_pkt;
+ u8 reader_present;
u8 async_capable:1;
u8 zc_capable:1;
+ u8 reader_contended:1;
atomic_t decrypt_pending;
/* protect crypto_wait with decrypt_pending*/
spinlock_t decrypt_compl_lock;
+ struct wait_queue_head wq;
};
struct tls_record_info {
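Review bot: The three fields added to struct tls_sw_context_rx (`reader_present`, `reader_contended:1`, `wq`) have no comment saying what serialises access to them, even though the commit message says the single-reader scheme deliberately avoids a new lock. `reader_contended:1` is declared right after `async_capable:1` and `zc_capable:1`, so it most likely shares their storage unit and a store to it rewrites the neighbouring bits; that is only safe if all three flags are written under the same lock, which this hunk does not show. `reader_present` is a full `u8`, which suggests it is meant to be accessed without that guarantee, and the header should say so to stop a later cleanup folding it into the bitfield. I would add above the new fields something like `/* single-reader gate for recvmsg(): reader_contended is written only under <LOCK - fill in>; reader_present stays a whole byte because <REASON - fill in> */`. The struct definition starts above the hunk, so the locking of the older bitfields cannot be checked from here.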