Re: [PATCH net] tls: avoid zc receive for file-backed pages
From: Christoph Hellwig <hch@infradead.org>
Date: 2026-05-26 07:05:26
Also in: linux-fsdevel, lkml
On Mon, May 25, 2026 at 10:54:59AM -0700, Jakub Kicinski wrote:
> kTLS RX zc decrypt writes unauthenticated AEAD output directly into pages pinned from the recvmsg iterator via tls_setup_from_iter(). For MAP_SHARED, PROT_WRITE file-backed destinations, those pages are live page-cache pages rather than anonymous copies: MAP_SHARED does not trigger copy-on-write, so FOLL_WRITE returns the actual page-cache page.
As does MAP_SHARED for any other mapping.
> via COW; PROT_READ-only destinations fail at iov_iter_get_pages2() before any decryption occurs.
Btw, this really needs to stop using iov_iter_get_pages2 and switch to iov_iter_extract_pages / iov_iter_extract_bvecs. This does not fix your problem, but other potentially exploitable races. iov_iter_get_pages2 and friends must never be used for writing, and preferably should go away entirely.
> Avoid zc receive for file-backed destination pages. In tls_setup_from_iter(), after iov_iter_get_pages2() pins pages, check each page with folio_mapping(page_folio(page)). If any pinned page is file-backed (mapping != NULL), release the pinned pages and return -EOPNOTSUPP. Handle -EOPNOTSUPP in tls_decrypt_sw() by clearing darg->zc and retrying, which causes tls_decrypt_sg() to allocate a kernel bounce buffer instead. Decryption output never reaches the file-backed page; on tag failure the bounce buffer is discarded.
I can't see how this is not a problem for non-file backed shared mappings.
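The mapping semantics this thread turns on, as an added userspace example that is not part of the message or the patch: a store through a MAP_SHARED file mapping is immediately visible through the file, a MAP_PRIVATE store is not, and an anonymous MAP_SHARED store is visible to another process. The function names and the scratch file path are assumptions made for the demo, and the single-byte store only stands in for data landing in a receive buffer.

```c
#define _GNU_SOURCE
#include <stdlib.h>
#include <unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>

/* Store one byte through a file mapping, then read the file back with pread().
 * Returns 1 if the store reached the file, 0 if it stayed private, -1 on error. */
int file_sees_write(int map_flags)
{
    char path[] = "/tmp/zc_demo_XXXXXX";   /* constructed scratch file */
    long psz = sysconf(_SC_PAGESIZE);
    char byte = 0;
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path);                           /* file lives only as long as fd */
    if (ftruncate(fd, psz) != 0 || pwrite(fd, "A", 1, 0) != 1) {
        close(fd);
        return -1;
    }
    char *p = mmap(NULL, psz, PROT_READ | PROT_WRITE, map_flags, fd, 0);
    if (p == MAP_FAILED) {
        close(fd);
        return -1;
    }
    p[0] = 'B';                             /* stand-in for data written into the buffer */
    ssize_t n = pread(fd, &byte, 1, 0);     /* what any other reader of the file sees */
    munmap(p, psz);
    close(fd);
    return n == 1 ? byte == 'B' : -1;
}

/* Same question for anonymous MAP_SHARED memory: is a store made by a child
 * process visible in the parent? Returns 1 if yes, 0 if no, -1 on error. */
int anon_shared_sees_write(void)
{
    long psz = sysconf(_SC_PAGESIZE);
    char *p = mmap(NULL, psz, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    p[0] = 'A';
    pid_t pid = fork();
    if (pid == 0) { p[0] = 'B'; _exit(0); } /* child writes to the shared page */
    if (pid < 0 || waitpid(pid, NULL, 0) != pid) { munmap(p, psz); return -1; }
    int seen = (p[0] == 'B');
    munmap(p, psz);
    return seen;
}
```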