Page MenuHomeFreeBSD
Differential D31536

ktls: Fix accounting for TLS 1.0 empty fragments.
ClosedPublic
Actions

Authored by jhb on Aug 13 2021, 11:13 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 13, 11:17 AM
Unknown Object (File)
Sun, Oct 12, 4:25 PM
Unknown Object (File)
Sun, Oct 12, 3:54 PM
Unknown Object (File)
Sun, Oct 12, 4:55 AM
Unknown Object (File)
Sat, Oct 11, 10:26 PM
Unknown Object (File)
Sep 15 2025, 12:13 AM
Unknown Object (File)
Aug 2 2025, 9:39 AM
Unknown Object (File)
Jul 8 2025, 3:57 PM
View All 87 Files
Subscribers
imp

Details

Reviewers
gallatin
Commits
rGaae23f64c28b: ktls: Fix accounting for TLS 1.0 empty fragments.
rGd16cb228c1a6: ktls: Fix accounting for TLS 1.0 empty fragments.
Summary

TLS 1.0 empty fragment mbufs have no payload and thus m_epg_npgs is
zero. However, these mbufs need to occupy a "unit" of space for the
purposes of M_NOTREADY tracking similar to regular mbufs. Previously
this was done for the page count returned from ktls_frame() and passed
to ktls_enqueue() as well as the page count passed to pru_ready().

However, sbready() and mb_free_notready() only use m_epg_nrdy to
determine the number of "units" of space in an M_EXT mbuf, so when a
TLS 1.0 fragment was marked ready it would mark one unit of the next
mbuf in the socket buffer as ready as well. To fix, set m_epg_nrdy to
1 for empty fragments. This actually simplifies the code as now only
ktls_frame() has to handle TLS 1.0 fragments explicitly and the rest
of the KTLS functions can just use m_epg_nrdy.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
kern/
12 lines

Diff 93768

View Options

sys/kern/uipc_ktls.c

Loading...