
ktls: Fix races that can lead to double initialization

Description

ktls: Fix races that can lead to double initialization

ktls_enable_rx() and ktls_enable_tx() have checks to return EALREADY if
the socket already has KTLS enabled. However, these are done without
any locks held and nothing blocks concurrent attempts to set the socket
option. I believe the worst outcome of the race is leaked memory.

Fix the problem by rechecking under the sockbuf lock. While here, unify
the locking protocol for sb_tls_info: require both the sockbuf and
socket I/O locks in order to enable KTLS. This means that either lock
is sufficient for checking whether KTLS is enabled in a given sockbuf,
which simplifies some refactoring further down the road.

Note that the SOLISTENING() check can go away because
SOCK_IO_RECV_LOCK() atomically locks the socket buffer and checks
whether the socket is a listening socket. This changes the returned
errno value, so update a test which checks it.

Reviewed by: gallatin
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D45674
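As an added illustration (not code from this commit or from FreeBSD), the following user-space C model reproduces the check-then-act race the message describes and the recheck-under-lock fix. The hypothetical `ktls_enable_model()` stands in for ktls_enable_rx()/ktls_enable_tx(), a pthread mutex stands in for the sockbuf lock, and `race_enable()` drives concurrent callers against one socket buffer.

```c
#include <errno.h>
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

struct tls_session { int id; };   /* stands in for what sb_tls_info points at */
struct sockbuf {                  /* constructed, minimal model of a kernel sockbuf */
    pthread_mutex_t lock;         /* models the sockbuf lock */
    _Atomic(struct tls_session *) tls_info;
};

/* recheck == 0 models the old code: the EALREADY test runs with no lock held,
 * so two callers can both pass it and the second store silently replaces the
 * first session, which is never freed. recheck != 0 models the fix. */
static int ktls_enable_model(struct sockbuf *sb, int recheck)
{
    if (atomic_load(&sb->tls_info) != NULL)
        return EALREADY;
    struct tls_session *s = calloc(1, sizeof(*s));
    pthread_mutex_lock(&sb->lock);
    if (recheck && atomic_load(&sb->tls_info) != NULL) {   /* lost the race */
        pthread_mutex_unlock(&sb->lock);
        free(s);
        return EALREADY;
    }
    atomic_store(&sb->tls_info, s);
    pthread_mutex_unlock(&sb->lock);
    return 0;
}

static struct sockbuf g_sb = { PTHREAD_MUTEX_INITIALIZER, NULL };
static int g_recheck;
static void *worker(void *p) { (void)p; return (void *)(long)ktls_enable_model(&g_sb, g_recheck); }

/* Runs n concurrent enables on a reset sockbuf and returns how many got 0.
 * Exactly one should; every extra success is a session that was stored and
 * then overwritten without ever being freed. */
static int race_enable(int n, int recheck)
{
    pthread_t t[64]; int successes = 0;
    if (n > 64) n = 64;
    free(atomic_exchange(&g_sb.tls_info, (struct tls_session *)NULL));
    g_recheck = recheck;
    for (int i = 0; i < n; i++) pthread_create(&t[i], NULL, worker, NULL);
    for (int i = 0; i < n; i++) {
        void *r; pthread_join(t[i], &r);
        if ((long)r == 0) successes++;
    }
    return successes;
}
```

With recheck == 0 the leak is timing dependent and may not appear on every run; with recheck != 0 exactly one caller ever wins, whatever the interleaving.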

Details

Provenance: markj, authored on Jul 8 2024, 3:49 PM
Reviewer: gallatin
Differential Revision: D45674: ktls: Fix races that can lead to double initialization
Parents: rGe2e771deeca7: socket: Pass capsicum rights down to socket option handlers