Skip to content

bpf,ktls: Fix data corruption caused by using bpf_msg_pop_data() in ktls #8990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

bpf,ktls: Fix data corruption caused by using bpf_msg_pop_data() in ktls #8990

wants to merge 2 commits into from

Conversation

kernel-patches-daemon-bpf[bot]
Copy link

Pull request for series with
subject: bpf,ktls: Fix data corruption caused by using bpf_msg_pop_data() in ktls
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854

@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: 8259eb0
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: bfccacd
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from ce6ed3b to 4088749 Compare May 23, 2025 17:25
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: 079e5c5
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from 4088749 to 3af889f Compare May 23, 2025 20:33
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: db22b13
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from 3af889f to 8e80682 Compare May 27, 2025 16:55
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: 1ae7a84
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from 8e80682 to 99b73d1 Compare May 27, 2025 17:35
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: 86bc9c7
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from 99b73d1 to f274dfe Compare May 27, 2025 17:48
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: d496557
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from f274dfe to e36451a Compare May 27, 2025 17:54
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: ca56fbd
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from e36451a to c71ec37 Compare May 27, 2025 18:00
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: 5ffb537
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: 90b83ef
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from db90132 to b648972 Compare May 30, 2025 14:52
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: bb1556e
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from b648972 to 60e3f45 Compare June 1, 2025 18:04
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: bb1556e
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from 60e3f45 to 51385e3 Compare June 2, 2025 06:43
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: cd2e103
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from 51385e3 to ca96111 Compare June 2, 2025 17:54
mrpre added 2 commits June 2, 2025 10:59
@mrpre
bpf,ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
3ad934d 
When sending plaintext data, we initially calculated the corresponding
ciphertext length. However, if we later reduced the plaintext data length
via socket policy, we failed to recalculate the ciphertext length.

This results in transmitting buffers containing uninitialized data during
ciphertext transmission.

This causes uninitialized bytes to be appended after a complete
"Application Data" packet, leading to errors on the receiving end when
parsing TLS record.

Fixes: d3b18ad ("tls: add bpf support to sk_msg handling")
Reported-by: Cong Wang <[email protected]>
Signed-off-by: Jiayuan Chen <[email protected]>
Reviewed-by: John Fastabend <[email protected]>
@mrpre
selftests/bpf: Add test to cover ktls with bpf_msg_pop_data
bdefd6f 
The selftest can reproduce an issue where using bpf_msg_pop_data() in
ktls causes errors on the receiving end.

Signed-off-by: Jiayuan Chen <[email protected]>
Reviewed-by: John Fastabend <[email protected]>
@kernel-patches-daemon-bpf
Copy link
Author

Upstream branch: cd2e103
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=965854
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot force-pushed the series/965854=>bpf-next branch from ca96111 to bdefd6f Compare June 2, 2025 18:00
@kernel-patches-daemon-bpf
Copy link
Author

At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=965854 expired. Closing PR.

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot deleted the series/965854=>bpf-next branch June 7, 2025 21:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bpf-next changes-requested V1-ci-pass V1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mrpre