• Jakub Kicinski's avatar
    net/tls: add a TX lock · 79ffe608
    Jakub Kicinski authored
    TLS TX needs to release and re-acquire the socket lock if send buffer
    fills up.
    
    TLS SW TX path currently depends on only allowing one thread to enter
    the function by the abuse of sk_write_pending. If another writer is
    already waiting for memory no new ones are allowed in.
    
    This has two problems:
     - writers don't wake other threads up when they leave the kernel;
       meaning that this scheme works for single extra thread (second
       application thread or delayed work) because memory becoming
       available will send a wake up request, but as Mallesham and
       Pooja report with larger number of threads it leads to threads
       being put to sleep indefinitely;
     - the delayed work does not get _scheduled_ but it may _run_ when
       other writers are present leading to crashes as writers don't
       expect state to change under their feet (same records get pushed
       and freed multiple times); it's hard to reliably bail from the
       work, however, because the mere presence of a writer does not
       guarantee that the writer will push pending records before exiting.
    
    Ensuring wakeups always happen will make the code basically open
    code a mutex. Just use a mutex.
    
    The TLS HW TX path does not have any locking (not even the
    sk_write_pending hack), yet it uses a per-socket sg_tx_data
    array to push records.
    
    Fixes: a42055e8 ("net/tls: Add support for async encryption of records for performance")
    Reported-by: default avatarMallesham  Jatharakonda <mallesh537@gmail.com>
    Reported-by: default avatarPooja Trivedi <poojatrivedi@gmail.com>
    Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
    Reviewed-by: default avatarSimon Horman <simon.horman@netronome.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    79ffe608
tls_device.c 30.7 KB