[PATCH 4.17 10/70] tls: fix waitall behavior in tls_sw_recvmsg

From: Greg Kroah-Hartman
Date: Sun Jun 24 2018 - 11:40:05 EST


4.17-stable review patch. If anyone has any objections, please let me know.

------------------

From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>

[ Upstream commit 06030dbaf3b6c5801dcdb7fe4fbab3b91c8da84a ]

Current behavior in tls_sw_recvmsg() is to wait for incoming tls
messages and copy up to exactly len bytes of data that the user
provided. This is problematic in the sense that i) if no packet
is currently queued in strparser we keep waiting until one has been
processed and pushed into tls receive layer for tls_wait_data() to
wake up and push the decrypted bits to user space. Given after
tls decryption, we're back at streaming data, use sock_rcvlowat()
hint from tcp socket instead. Retain current behavior with MSG_WAITALL
flag and otherwise use the hint target for breaking the loop and
returning to application. This is done if currently no ctx->recv_pkt
is ready, otherwise continue to process it from our strparser
backlog.

Fixes: c46234ebb4d1 ("tls: RX path for ktls")
Signed-off-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Acked-by: Dave Watson <davejwatson@xxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/tls/tls_sw.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -755,7 +755,7 @@ int tls_sw_recvmsg(struct sock *sk,
struct sk_buff *skb;
ssize_t copied = 0;
bool cmsg = false;
- int err = 0;
+ int target, err = 0;
long timeo;

flags |= nonblock;
@@ -765,6 +765,7 @@ int tls_sw_recvmsg(struct sock *sk,

lock_sock(sk);

+ target = sock_rcvlowat(sk, flags & MSG_WAITALL, len);
timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
do {
bool zc = false;
@@ -857,6 +858,9 @@ fallback_to_reg_recv:
goto recv_end;
}
}
+ /* If we have a new message from strparser, continue now. */
+ if (copied >= target && !ctx->recv_pkt)
+ break;
} while (len);

recv_end: