From nobody Wed May 4 20:33:54 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8BD591AB4E53; Wed, 4 May 2022 20:33:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KtpSy3T8qz3nkP; Wed, 4 May 2022 20:33:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651696434; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=abvDA7OeyyRNkEgLdXt3pIqer6mdjEuKR/qH1dx+oNs=; b=hn9CwgCXR3H/hun7JcpQHYlms7mmlfaacIfveLMyiSczhF6No7LEyS4uBoe7eS0XvjY6Dy wWSibFpO56yTnT+gV5V40aLaIuCmVHpR4CTyA7KgdDLzx9pWsUjoxRoDm44Md98Tf9WNTE wWB/GDT2rLAE10Im5LVoW3zznQEENpJcddeeREOoEkzipEFYZrh8o5DGo1d7hATtccRNQg XG5UmpI0JhddN2aKB4t/tWpUv83B0FuxvgJ0+Wci2CJl4mt4eoxa6DWGBS/x9HDw5FHfke oTlBucuNcUOdmAFd8HshWlkR+O4smMHXWeaWzaNJNzzE8CG6THM/DjtXBdb8kQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 581FA1A131; Wed, 4 May 2022 20:33:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 244KXsTx053074; Wed, 4 May 2022 20:33:54 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 244KXsdU053073; Wed, 4 May 2022 20:33:54 GMT (envelope-from git) Date: Wed, 4 May 2022 20:33:54 GMT Message-Id: <202205042033.244KXsdU053073@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: f6e5fcdc848f - main - OpenSSL: Cleanup record length checks for KTLS List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f6e5fcdc848fc24fe71f01ba583f13e762c0ab54 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1651696434; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=abvDA7OeyyRNkEgLdXt3pIqer6mdjEuKR/qH1dx+oNs=; b=d4kqUZgAU62gC0EhC0YMp/0jlB+Ne4yi+M6rJpJMPG7nkukvDp8vdrlduLCoJJGqqugapk JDmURASBfwstoqY6oMyJKXxmHEbgHzRjTJdwzFxgIfWqIjcumMrrKRPf/8fnMGUjlhm7Ob tHvERU2MfhTudn+qhW3I15cBKSfqJrZKa4tpmwJK8J/5j3Vv5qIyszUQo+SaUzmWxPuK4M mlFICF2253jPnpWLGSwxkrmuNTFyZ9h3YeruX4bODu0AvRJrx7y5jwJjT8AyFIAfW8CSyE HNc0yTBjI1R0Zfd9+NDyy6wKZFWCVuTFmtC0Xne/xS2k/GtbmZ3q409MJZpqTw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1651696434; a=rsa-sha256; cv=none; b=sDcPTH8QDa9wmSZSCVrileOk8/MgX7IakPJwQQhpV3TlAlhsNXQcUQ/68FJiTwZr88w+R1 35ITH4eQ7+h78m7gNK8Cx+0tJl3rt1vGiwW4pkkWsWkqS6eZBQ2ozdUWgvOGYuNxYzFM4g fB6NcOLK6MalPx5VmK7DP9BhqnkxvwWhaffgt4nhXpPMI+iD/l/NcI9IVURNcCujKX1JeH BidKyB5Jj2nxHR2bJwmz/u+5Z85n38N5K8mfL4pgVEbi7FkyoludUbO8XxX+v7UHuNmQvD kYVghx1gitb1Npj83B5fPv1U7568KSiBZmDJB1OFT6yDrk/5FwFLENw4kzI/Aw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=f6e5fcdc848fc24fe71f01ba583f13e762c0ab54 commit f6e5fcdc848fc24fe71f01ba583f13e762c0ab54 Author: John Baldwin AuthorDate: 2022-05-04 20:07:36 +0000 Commit: John Baldwin CommitDate: 2022-05-04 20:07:36 +0000 OpenSSL: Cleanup record length checks for KTLS In some corner cases the check for packets which exceed the allowed record length was missing when KTLS is initially enabled, when some unprocessed packets are still pending. Approved by: jkim Obtained from: OpenSSL commit 8fff986d52606e1a33f9404504535e2e2aee3e8b MFC after: 1 week Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D34972 --- crypto/openssl/ssl/record/ssl3_record.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/crypto/openssl/ssl/record/ssl3_record.c b/crypto/openssl/ssl/record/ssl3_record.c index 9dda123d44fa..4fd22019ee7b 100644 --- a/crypto/openssl/ssl/record/ssl3_record.c +++ b/crypto/openssl/ssl/record/ssl3_record.c @@ -190,7 +190,7 @@ int ssl3_get_record(SSL *s) rr = RECORD_LAYER_get_rrec(&s->rlayer); rbuf = RECORD_LAYER_get_rbuf(&s->rlayer); - is_ktls_left = (rbuf->left > 0); + is_ktls_left = (SSL3_BUFFER_get_left(rbuf) > 0); max_recs = s->max_pipelines; if (max_recs == 0) max_recs = 1; @@ -412,7 +412,11 @@ int ssl3_get_record(SSL *s) len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD; #endif - if (thisrr->length > len && !BIO_get_ktls_recv(s->rbio)) { + /* KTLS may use all of the buffer */ + if (BIO_get_ktls_recv(s->rbio) && !is_ktls_left) + len = SSL3_BUFFER_get_left(rbuf); + + if (thisrr->length > len) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); return -1; @@ -775,16 +779,28 @@ int ssl3_get_record(SSL *s) return -1; } - if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH && !BIO_get_ktls_recv(s->rbio)) { + /* + * Usually thisrr->length is the length of a single record, but when + * KTLS handles the decryption, thisrr->length may be larger than + * SSL3_RT_MAX_PLAIN_LENGTH because the kernel may have coalesced + * multiple records. + * Therefore we have to rely on KTLS to check the plaintext length + * limit in the kernel. + */ + if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH + && (!BIO_get_ktls_recv(s->rbio) || is_ktls_left)) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); return -1; } - /* If received packet overflows current Max Fragment Length setting */ + /* + * Check if the received packet overflows the current + * Max Fragment Length setting. + * Note: USE_MAX_FRAGMENT_LENGTH_EXT and KTLS are mutually exclusive. + */ if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session) - && thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session) - && !BIO_get_ktls_recv(s->rbio)) { + && thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session)) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); return -1;