Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp1342767imm; Tue, 2 Oct 2018 06:49:57 -0700 (PDT) X-Google-Smtp-Source: ACcGV61Ul+7JCE1lxwYkoi7v04Vbe6oGhox54L0XeOa1efLUKww+gTqJib+lMWJrKNan2FdqM870 X-Received: by 2002:a65:668d:: with SMTP id b13-v6mr14645031pgw.163.1538488196978; Tue, 02 Oct 2018 06:49:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538488196; cv=none; d=google.com; s=arc-20160816; b=dEMKxugo5RWVxB4q3LlIuS7MizXg079Be8xGBIARvC6b766TKCL5xFzvFsK0LJsN45 ZWvW+Mb+dBelyS26I+esnRnjJNkhlzOYhsEi+wWFArhfwGdEVRFHhOGXOsh8E2e97i2V kg5FLD4WjwivGN7h72TBQWhIkLiHbDb3tlrlzHaJo4Man4AcuvKpALYpU/5I4j4Ki6CH PSiHCHn6esRiR3G0G0OCiAGQKfz8rrXK5HvB3BFusG1u11EY6mnnwRY36R5HCY5/4IoR oGfjiA9crFHiBKsvQHAYELPAnqDKHR10MPHvgmaIdPWwDp+EVASMuuvHkPmCBACgacRV jkcg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from; bh=VGp1WEx4Jrb3gVrLhGI2iaGJxo6dpNNduqLx/kRkH4s=; b=OLzcEpbwbuD1BvnWQBl1oVtIVjima2d9o6MOZrgnhJWQ9fwyNk0U4R67KpQY7ZcQnr LJk2zvvZdbyvuF9oRa2RfKjmFn0WlTfWHLR2J4WP5HEQf8NzwGP7ZsAQQRFataC4Cldd 3QqJ5F2EXLfMr/1IkHpqdUogS6KIZ3GhWSHkTQtPGKbOjlsFhYXzg38JcIObTzojZsxD TD0KuKS29RjWSkjd3BquVFirR7vw+xPfM2JanTGoav33G1gC1waOZHNxNuOp9O2ZIYbM 2lwSl03lRyWCSw223qryGi+w02Gp4gzt1TNGYcXFIv6+I4yvOL05to33YYe8SHD0mblr 5npQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f5-v6si17270413plf.411.2018.10.02.06.49.42; Tue, 02 Oct 2018 06:49:56 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732716AbeJBUbD (ORCPT + 99 others); Tue, 2 Oct 2018 16:31:03 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:35396 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731662AbeJBUSN (ORCPT ); Tue, 2 Oct 2018 16:18:13 -0400 Received: from localhost (24-104-73-23-ip-static.hfc.comcastbusiness.net [24.104.73.23]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 6391CC3F; Tue, 2 Oct 2018 13:34:49 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, John Fastabend , Dave Watson , Daniel Borkmann , Sasha Levin Subject: [PATCH 4.14 119/137] tls: possible hang when do_tcp_sendpages hits sndbuf is full case Date: Tue, 2 Oct 2018 06:25:20 -0700 Message-Id: <20181002132506.856449731@linuxfoundation.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002132458.446916963@linuxfoundation.org> References: <20181002132458.446916963@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: John Fastabend [ Upstream commit 67db7cd249e71f64346f481b629724376d063e08 ] Currently, the lower protocols sk_write_space handler is not called if TLS is sending a scatterlist via tls_push_sg. However, normally tls_push_sg calls do_tcp_sendpage, which may be under memory pressure, that in turn may trigger a wait via sk_wait_event. Typically, this happens when the in-flight bytes exceed the sdnbuf size. In the normal case when enough ACKs are received sk_write_space() will be called and the sk_wait_event will be woken up allowing it to send more data and/or return to the user. But, in the TLS case because the sk_write_space() handler does not wake up the events the above send will wait until the sndtimeo is exceeded. By default this is MAX_SCHEDULE_TIMEOUT so it look like a hang to the user (especially this impatient user). To fix this pass the sk_write_space event to the lower layers sk_write_space event which in the TCP case will wake any pending events. I observed the above while integrating sockmap and ktls. It initially appeared as test_sockmap (modified to use ktls) occasionally hanging. To reliably reproduce this reduce the sndbuf size and stress the tls layer by sending many 1B sends. This results in every byte needing a header and each byte individually being sent to the crypto layer. Signed-off-by: John Fastabend Acked-by: Dave Watson Signed-off-by: Daniel Borkmann Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- net/tls/tls_main.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -195,9 +195,14 @@ static void tls_write_space(struct sock { struct tls_context *ctx = tls_get_ctx(sk); - /* We are already sending pages, ignore notification */ - if (ctx->in_tcp_sendpages) + /* If in_tcp_sendpages call lower protocol write space handler + * to ensure we wake up any waiting operations there. For example + * if do_tcp_sendpages where to call sk_wait_event. + */ + if (ctx->in_tcp_sendpages) { + ctx->sk_write_space(sk); return; + } if (!sk->sk_write_pending && tls_is_pending_closed_record(ctx)) { gfp_t sk_allocation = sk->sk_allocation;