Page MenuHomeFreeBSD
Differential D31536

ktls: Fix accounting for TLS 1.0 empty fragments.
ClosedPublic
Actions

Authored by jhb on Aug 13 2021, 11:13 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Feb 26, 5:13 PM
Unknown Object (File)
Sun, Feb 22, 4:43 AM
Unknown Object (File)
Feb 8 2026, 11:08 AM
Unknown Object (File)
Feb 8 2026, 2:21 AM
Unknown Object (File)
Feb 2 2026, 1:47 PM
Unknown Object (File)
Jan 30 2026, 8:37 AM
Unknown Object (File)
Jan 28 2026, 1:59 AM
Unknown Object (File)
Jan 26 2026, 1:42 AM
View All Files
Subscribers
imp

Details

Reviewers
gallatin
Commits
rGaae23f64c28b: ktls: Fix accounting for TLS 1.0 empty fragments.
rGd16cb228c1a6: ktls: Fix accounting for TLS 1.0 empty fragments.
Summary

TLS 1.0 empty fragment mbufs have no payload and thus m_epg_npgs is
zero. However, these mbufs need to occupy a "unit" of space for the
purposes of M_NOTREADY tracking similar to regular mbufs. Previously
this was done for the page count returned from ktls_frame() and passed
to ktls_enqueue() as well as the page count passed to pru_ready().

However, sbready() and mb_free_notready() only use m_epg_nrdy to
determine the number of "units" of space in an M_EXT mbuf, so when a
TLS 1.0 fragment was marked ready it would mark one unit of the next
mbuf in the socket buffer as ready as well. To fix, set m_epg_nrdy to
1 for empty fragments. This actually simplifies the code as now only
ktls_frame() has to handle TLS 1.0 fragments explicitly and the rest
of the KTLS functions can just use m_epg_nrdy.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
kern/
12 lines

Diff 93768

View Options

sys/kern/uipc_ktls.c

Loading...