[PATCH v3 05/11] SUNRPC: Ignore data_ready callbacks during TLS handshakes

[PATCH v3 00/11] client-side RPC-with-TLS · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 01/11] NFS: Improvements for fs_context-related tracepoints · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 02/11] SUNRPC: Plumb an API for setting transport layer security · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 03/11] SUNRPC: Trace the rpc_create_args · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 04/11] SUNRPC: Add RPC client support for the RPC_AUTH_TLS auth flavor · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 05/11] SUNRPC: Ignore data_ready callbacks during TLS handshakes · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 06/11] SUNRPC: Capture CMSG metadata on client-side receive · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 07/11] SUNRPC: Add a connect worker function for TLS · Chuck Lever <cel@kernel.org> · 2023-05-30
Re: [PATCH v3 07/11] SUNRPC: Add a connect worker function for TLS · Trond Myklebust <hidden> · 2023-05-30
[PATCH v3 08/11] SUNRPC: Add RPC-with-TLS support to xprtsock.c · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 09/11] SUNRPC: Add RPC-with-TLS tracepoints · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 10/11] NFS: Have struct nfs_client carry a TLS policy field · Chuck Lever <cel@kernel.org> · 2023-05-30
[PATCH v3 11/11] NFS: Add an "xprtsec=" NFS mount option · Chuck Lever <cel@kernel.org> · 2023-05-30

STALE1114d REVIEWED: 4 (4M)

From: Chuck Lever <cel@kernel.org>
Date: 2023-05-30 14:07:31
Subsystem: kernel nfsd, sunrpc, and lockd servers, networking [general], nfs, sunrpc, and lockd clients, the rest · Maintainers: Chuck Lever, Jeff Layton, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Trond Myklebust, Anna Schumaker, Linus Torvalds

From: Chuck Lever <chuck.lever@oracle.com>

The RPC header parser doesn't recognize TLS handshake traffic, so it
will close the connection prematurely with an error. To avoid that,
shunt the transport's data_ready callback when there is a TLS
handshake in progress.

The XPRT_SOCK_IGNORE_RECV flag will be toggled by code added in a
subsequent patch.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
---
 include/linux/sunrpc/xprtsock.h |    1 +
 net/sunrpc/xprtsock.c           |    6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/include/linux/sunrpc/xprtsock.h b/include/linux/sunrpc/xprtsock.h
index 38284f25eddf..daef030f4848 100644
--- a/include/linux/sunrpc/xprtsock.h
+++ b/include/linux/sunrpc/xprtsock.h

@@ -90,5 +90,6 @@ struct sock_xprt {
 #define XPRT_SOCK_WAKE_DISCONNECT	(7)
 #define XPRT_SOCK_CONNECT_SENT	(8)
 #define XPRT_SOCK_NOSPACE	(9)
+#define XPRT_SOCK_IGNORE_RECV	(10)
 
 #endif /* _LINUX_SUNRPC_XPRTSOCK_H */

diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
index 5f9030b81c9e..37f608c2c0a0 100644
--- a/net/sunrpc/xprtsock.c
+++ b/net/sunrpc/xprtsock.c

@@ -695,6 +695,8 @@ static void xs_poll_check_readable(struct sock_xprt *transport)
 {
 
 	clear_bit(XPRT_SOCK_DATA_READY, &transport->sock_state);
+	if (test_bit(XPRT_SOCK_IGNORE_RECV, &transport->sock_state))
+		return;
 	if (!xs_poll_socket_readable(transport))
 		return;
 	if (!test_and_set_bit(XPRT_SOCK_DATA_READY, &transport->sock_state))

@@ -1380,6 +1382,10 @@ static void xs_data_ready(struct sock *sk)
 		trace_xs_data_ready(xprt);
 
 		transport->old_data_ready(sk);
+
+		if (test_bit(XPRT_SOCK_IGNORE_RECV, &transport->sock_state))
+			return;
+
 		/* Any data means we had a useful conversation, so
 		 * then we don't need to delay the next reconnect
 		 */

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help