Re: [PATCH] tls: defer close to kernel task

From: Jakub Kicinski
Date: Wed Apr 10 2024 - 09:11:39 EST


On Wed, 10 Apr 2024 08:33:07 +0200 Sascha Hauer wrote:
> proto->close is normally called from a userspace task which can be
> interrupted by signals. When asynchronous encryption is used then KTLS
> sends out the final data at close time. When a signal comes in during
> close then it can happen tcp_sendmsg_locked() is interrupted by that
> signal while waiting for memory in sk_stream_wait_memory() which then
> returns with -ERSTARTSYS. It is not possible to recover from this situation
> and the final transmit data is lost.
>
> With this patch we defer the close operation to a kernel task which
> doesn't get signals.
>
> The described situation happens when KTLS is used in conjunction with
> io_uring, as io_uring uses task_work_add() to add work to the current
> userspace task.
>
> The problem is discussed in [1] and [2] and the solution implemented in
> this patch is suggested by Pavel Begunkov here [3]

Appears to crash reliably.
Please run the tls selftests with KASAN enabled.
--
pw-bot: cr