Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp218986ybt; Tue, 30 Jun 2020 19:03:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxV3OB0a+z1XTMWjQYCiNsy1b5K5vXCqkPEZLhGFJ6IPtAs16u9I5T/21YrNMGNme0dEOcp X-Received: by 2002:a50:b964:: with SMTP id m91mr27599339ede.37.1593568997812; Tue, 30 Jun 2020 19:03:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1593568997; cv=none; d=google.com; s=arc-20160816; b=W6DJqI4bxGiptQ+kUv9T0mYg712rDsHYf+bnYp4az9mRUPg6p4B2nWFK3s2FmFYtVF Lh3f3KrHll/ibQ9X6vbq6ujVEzYzSDP6BiGUxpT3oYp2R9CbpscC7Sf8/fUBkZnrbnjk RYTOQUhSatEz+66sIGbPwIqS4Vq7B//4+T6ZkZym5qzy83HVa27ghiEpa8WfAxOWExSI MDQHmafcuuekyxnSoyr1U9XMqiX1masa670KXnNsLnuV9ZaMvKX/OBBBcoWDwqKJF4QS n+T/RTP+QpXAkWEE1j47vv4/6iJkD0JAGmHjl4XrnHWG3Gq3Z/JDBopile37Pku6L+d/ J85A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:message-id:subject:cc:to:from:date; bh=qoAy7Ddr22Glt4cbd9CwY+R3OHQdhnYFEA7p5J/MTBo=; b=IQbsP7LFnVkYj1FyEHGzla3iV64kqoSHXF9BTfibPOGM/4QrK7sJI55ljOEQhgP6A6 VQOxc+LA07WvMV4ErHErQod4BlK46egBOezPoxG4QOZzNwPfvaU/ojgbiD3l5PM4Q4RQ FJgmPa2bxBXi1Ry5+U5cGwUtlF43hUjnrvg9Yo+Kz6ScaZjeDqpE2vvhds6XCKXcIu9e GZb9oDvZ6jqXyL2omzEgYB5wY+BJe5/0jC57Efw6TmuocGrrwmPVqscq0CNUC3bIPkY0 34alplQrB4pVcY1Lkyu5Te8FaW11hEVuSLT5BSEpadq5DvRXqD9gRGr3on7ZidvBrhrA ZAGQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e5si2854714edl.520.2020.06.30.19.02.31; Tue, 30 Jun 2020 19:03:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726074AbgGACCU (ORCPT + 99 others); Tue, 30 Jun 2020 22:02:20 -0400 Received: from helcar.hmeau.com ([216.24.177.18]:35250 "EHLO fornost.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725805AbgGACCU (ORCPT ); Tue, 30 Jun 2020 22:02:20 -0400 Received: from gwarestrin.arnor.me.apana.org.au ([192.168.0.7]) by fornost.hmeau.com with smtp (Exim 4.92 #5 (Debian)) id 1jqS4h-00058w-Ea; Wed, 01 Jul 2020 12:02:12 +1000 Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Wed, 01 Jul 2020 12:02:11 +1000 Date: Wed, 1 Jul 2020 12:02:11 +1000 From: Herbert Xu To: Eric Dumazet Cc: mathieu.desnoyers@efficios.com, davem@davemloft.net, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, ycheng@google.com, joraj@efficios.com Subject: Re: [regression] TCP_MD5SIG on established sockets Message-ID: <20200701020211.GA6875@gondor.apana.org.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Newsgroups: apana.lists.os.linux.kernel,apana.lists.os.linux.netdev User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Eric Dumazet wrote: > > diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c > index 810cc164f795f8e1e8ca747ed5df51bb20fec8a2..ecc0e3fabce8b03bef823cbfc5c1b0a9e24df124 > 100644 > --- a/net/ipv4/tcp.c > +++ b/net/ipv4/tcp.c > @@ -4034,9 +4034,12 @@ EXPORT_SYMBOL(tcp_md5_hash_skb_data); > int tcp_md5_hash_key(struct tcp_md5sig_pool *hp, const struct > tcp_md5sig_key *key) > { > struct scatterlist sg; > + u8 keylen = key->keylen; > > - sg_init_one(&sg, key->key, key->keylen); > - ahash_request_set_crypt(hp->md5_req, &sg, NULL, key->keylen); > + smp_rmb(); /* paired with smp_wmb() in tcp_md5_do_add() */ > + > + sg_init_one(&sg, key->key, keylen); > + ahash_request_set_crypt(hp->md5_req, &sg, NULL, keylen); > return crypto_ahash_update(hp->md5_req); > } > EXPORT_SYMBOL(tcp_md5_hash_key); > diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c > index ad6435ba6d72ffd8caf783bb25cad7ec151d6909..99916fcc15ca0be12c2c133ff40516f79e6fdf7f > 100644 > --- a/net/ipv4/tcp_ipv4.c > +++ b/net/ipv4/tcp_ipv4.c > @@ -1113,6 +1113,9 @@ int tcp_md5_do_add(struct sock *sk, const union > tcp_md5_addr *addr, > if (key) { > /* Pre-existing entry - just update that one. */ > memcpy(key->key, newkey, newkeylen); > + > + smp_wmb(); /* pairs with smp_rmb() in tcp_md5_hash_key() */ > + > key->keylen = newkeylen; > return 0; > } This doesn't make sense. Your smp_rmb only guarantees that you see a version of key->key that's newer than keylen. What if the key got changed twice? You could still read more than what's in the key (if that's what you're trying to protect against). Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt