From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org,
	Jakub Kicinski <jakub.kicinski@netronome.com>,
	Dirk van der Merwe <dirk.vandermerwe@netronome.com>,
	"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.19 24/32] net/tls: fix state removal with feature flags off
Date: Mon,  3 Jun 2019 11:08:18 +0200
Message-ID: <20190603090315.200642387@linuxfoundation.org>
In-Reply-To: <20190603090308.472021390@linuxfoundation.org>

From: Jakub Kicinski <jakub.kicinski@netronome.com>

[ Upstream commit 3686637e507b48525fcea6fb91e1988bdbc14530 ]

TLS offload drivers shouldn't (and currently don't) block
the TLS offload feature changes based on whether there are
active offloaded connections or not.

This seems to be a good idea, because we want the admin to
be able to disable the TLS offload at any time, and there
is no clean way of disabling it for active connections
(TX side is quite problematic).  So if features are cleared
existing connections will stay offloaded until they close,
and new connections will not attempt offload to a given
device.

However, the offload state removal handling is currently
broken if feature flags get cleared while there are
active TLS offloads.

RX side will completely bail from cleanup, even on normal
remove path, leaving device state dangling, potentially
causing issues when the 5-tuple is reused.  It will also
fail to release the netdev reference.

Remove the RX-side warning message, in next release cycle
it should be printed when features are disabled, rather
than when connection dies, but for that we need a more
efficient method of finding connection of a given netdev
(a'la BPF offload code).

Fixes: 4799ac81e52a ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/tls/tls_device.c |    6 ------
 1 file changed, 6 deletions(-)

--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -916,12 +916,6 @@ void tls_device_offload_cleanup_rx(struc
 	if (!netdev)
 		goto out;
 
-	if (!(netdev->features & NETIF_F_HW_TLS_RX)) {
-		pr_err_ratelimited("%s: device is missing NETIF_F_HW_TLS_RX cap\n",
-				   __func__);
-		goto out;
-	}
-
 	netdev->tlsdev_ops->tls_dev_del(netdev, tls_ctx,
 					TLS_OFFLOAD_CTX_DIR_RX);
 
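Review bot: With the NETIF_F_HW_TLS_RX test removed, the only guard left before the netdev->tlsdev_ops->tls_dev_del(...) call in tls_device_offload_cleanup_rx() is the !netdev check, so the call now relies on tlsdev_ops and tls_dev_del remaining valid after the feature flag has been cleared. Please confirm that this holds for every driver that can still have RX state installed at that point. Also consider a short comment above the call stating that teardown must not be gated on netdev->features, so the check is not reintroduced later; the commit message explains the reason (dangling device state, unreleased netdev reference), but nothing in the function records it.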


