author | Jakub Kicinski <kuba@kernel.org> | 2022-07-15 07:22:25 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2022-07-18 12:24:10 +0200 |
commit | 4cbc325ed6b4dce4910be06d9d6940a8b919c59b (patch) | |
tree | e425c352dc8bf8f9d93bcc5b59d674d85ffbfb1d /include/net/tls.h | |
parent | Merge branch 'net-smc-virt-contig-buffers' (diff) | |

tls: rx: allow only one reader at a time

recvmsg() in TLS gets data from the skb list (rx_list) or fresh
skbs we read from TCP via strparser. The former holds skbs which were
already decrypted for peek or decrypted and partially consumed.

tls_wait_data() only notices appearance of fresh skbs coming out
of TCP (or psock). It is possible, if there is a concurrent call
to peek() and recv(), that the peek() will move the data from input
to rx_list without recv() noticing. recv() will then read data out
of order or never wake up.

This is not a practical use case/concern, but it makes the self
tests less reliable. This patch solves the problem by allowing
only one reader in.

Because having multiple processes calling read()/peek() is not
normal, avoid adding a lock and try to fast-path the single reader
case.

Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'include/net/tls.h')
-rw-r--r-- | include/net/tls.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/net/tls.h b/include/net/tls.h index 8742e13bc362..e8935cfe0cd6 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -116,11 +116,14 @@ struct tls_sw_context_rx { void (*saved_data_ready)(struct sock *sk); struct sk_buff *recv_pkt; + u8 reader_present; u8 async_capable:1; u8 zc_capable:1; + u8 reader_contended:1; atomic_t decrypt_pending; /* protect crypto_wait with decrypt_pending*/ spinlock_t decrypt_compl_lock; + struct wait_queue_head wq; }; struct tls_record_info { |
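
Review bot: the three fields added to struct tls_sw_context_rx (reader_present, reader_contended:1 and wq) carry no comment saying what serializes access to them, while the commit message says the single-reader path deliberately avoids adding a lock. reader_contended:1 is placed in the same bitfield group as async_capable:1 and zc_capable:1, so every store to it is a read-modify-write of the byte those flags share, and it is only safe if all writers of the three bits are serialized by the same lock. Please add a short comment above the new fields naming the protecting lock (or the ordering relied on) and stating what waits on wq, or make reader_contended a full u8 like reader_present so it cannot interfere with its neighbours. Style point: the declaration uses struct wait_queue_head where kernel code more commonly spells the type wait_queue_head_t.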