Re: [PATCH net-next v10 08/16] tls: Inline do_tcp_sendpages()

From: Jakub Kicinski
Date: Thu Aug 03 2023 - 23:14:38 EST

Next message: Yang, Weijiang: "Re: [PATCH v5 08/19] KVM:x86: Report KVM supported CET MSRs as to-be-saved"
Previous message: suijingfeng: "Re: [PATCH] PCI/VGA: Make the vga_is_firmware_default() arch-independent"
In reply to: Tariq Toukan: "Re: [PATCH net-next v10 08/16] tls: Inline do_tcp_sendpages()"
Next in thread: Tariq Toukan: "Re: [PATCH net-next v10 08/16] tls: Inline do_tcp_sendpages()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 3 Aug 2023 14:47:35 +0300 Tariq Toukan wrote:
> When applying this patch, repro disappears! :)
> Apparently it is related to the warning.
> Please go on and submit it.

I have no idea how. I found a different bug, staring at this code
for another hour. But I still don't get how we can avoid UaF on
a page by having the TCP take a ref on it rather than copy it.

If anything we should have 2 refs on any page in the sg, one because
it's on the sg, and another held by the re-tx handling.

So I'm afraid we're papering over something here :( We need to keep
digging.

Next message: Yang, Weijiang: "Re: [PATCH v5 08/19] KVM:x86: Report KVM supported CET MSRs as to-be-saved"
Previous message: suijingfeng: "Re: [PATCH] PCI/VGA: Make the vga_is_firmware_default() arch-independent"
In reply to: Tariq Toukan: "Re: [PATCH net-next v10 08/16] tls: Inline do_tcp_sendpages()"
Next in thread: Tariq Toukan: "Re: [PATCH net-next v10 08/16] tls: Inline do_tcp_sendpages()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]