From owner-dev-commits-src-all@freebsd.org Fri Jun 4 01:09:33 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 858F66446B4; Fri, 4 Jun 2021 01:09:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fx4Rd2nP7z3Jl4; Fri, 4 Jun 2021 01:09:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4869813FEF; Fri, 4 Jun 2021 01:09:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 15419XdM047793; Fri, 4 Jun 2021 01:09:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 15419XwY047792; Fri, 4 Jun 2021 01:09:33 GMT (envelope-from git) Date: Fri, 4 Jun 2021 01:09:33 GMT Message-Id: <202106040109.15419XwY047792@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 75683ed20b70 - stable/13 - Fix handling of errors from pru_send(PRUS_NOTREADY) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 75683ed20b70da2b813e5a9da220cfee94c0b307 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jun 2021 01:09:33 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=75683ed20b70da2b813e5a9da220cfee94c0b307 commit 75683ed20b70da2b813e5a9da220cfee94c0b307 Author: Mark Johnston AuthorDate: 2021-05-21 21:44:46 +0000 Commit: Mark Johnston CommitDate: 2021-06-04 01:02:02 +0000 Fix handling of errors from pru_send(PRUS_NOTREADY) PRUS_NOTREADY indicates that the caller has not yet populated the chain with data, and so it is not ready for transmission. This is used by sendfile (for async I/O) and KTLS (for encryption). In particular, if pru_send returns an error, the caller is responsible for freeing the chain since other implicit references to the data buffers exist. For async sendfile, it happens that an error will only be returned if the connection was dropped, in which case tcp_usr_ready() will handle freeing the chain. But since KTLS can be used in conjunction with the regular socket I/O system calls, many more error cases - which do not result in the connection being dropped - are reachable. In these cases, KTLS was effectively assuming success. So: - Change sosend_generic() to free the mbuf chain if pru_send(PRUS_NOTREADY) fails. Nothing else owns a reference to the chain at that point. - Similarly, in vn_sendfile() change the !async I/O && KTLS case to free the chain. - If async I/O is still outstanding when pru_send fails in vn_sendfile(), set an error in the sfio structure so that the connection is aborted and the mbuf chain is freed. Reviewed by: gallatin, tuexen Discussed with: jhb Sponsored by: The FreeBSD Foundation (cherry picked from commit 916c61a5ed37da8ecdedd3c5512813d8dcec9a24) --- sys/kern/kern_sendfile.c | 12 ++++++++---- sys/kern/uipc_socket.c | 19 +++++++------------ 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/sys/kern/kern_sendfile.c b/sys/kern/kern_sendfile.c index 520b7c9c62d0..ac1072ca2406 100644 --- a/sys/kern/kern_sendfile.c +++ b/sys/kern/kern_sendfile.c @@ -1175,8 +1175,12 @@ prepend_header: if (tls != NULL && tls->mode == TCP_TLS_MODE_SW) { error = (*so->so_proto->pr_usrreqs->pru_send) (so, PRUS_NOTREADY, m, NULL, NULL, td); - soref(so); - ktls_enqueue(m, so, tls_enq_cnt); + if (error != 0) { + m_freem(m); + } else { + soref(so); + ktls_enqueue(m, so, tls_enq_cnt); + } } else #endif error = (*so->so_proto->pr_usrreqs->pru_send) @@ -1187,11 +1191,11 @@ prepend_header: soref(so); error = (*so->so_proto->pr_usrreqs->pru_send) (so, PRUS_NOTREADY, m, NULL, NULL, td); - sendfile_iodone(sfio, NULL, 0, 0); + sendfile_iodone(sfio, NULL, 0, error); } CURVNET_RESTORE(); - m = NULL; /* pru_send always consumes */ + m = NULL; if (error) goto done; sbytes += space + hdrlen; diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 77ce876fd20f..852132e45e58 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1763,18 +1763,13 @@ restart: #ifdef KERN_TLS if (tls != NULL && tls->mode == TCP_TLS_MODE_SW) { - /* - * Note that error is intentionally - * ignored. - * - * Like sendfile(), we rely on the - * completion routine (pru_ready()) - * to free the mbufs in the event that - * pru_send() encountered an error and - * did not append them to the sockbuf. - */ - soref(so); - ktls_enqueue(top, so, tls_enq_cnt); + if (error != 0) { + m_freem(top); + top = NULL; + } else { + soref(so); + ktls_enqueue(top, so, tls_enq_cnt); + } } #endif clen = 0;