Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-15 Thread John Fastabend
Jakub Kicinski wrote: > On Thu, 11 Jul 2019 14:25:54 -0700, John Fastabend wrote: > > Jakub Kicinski wrote: > > > On Thu, 11 Jul 2019 09:47:16 -0700, John Fastabend wrote: > > > > Jakub Kicinski wrote: > > > > > On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote: > > > > > > > > > +

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-11 Thread Jakub Kicinski
On Thu, 11 Jul 2019 14:25:54 -0700, John Fastabend wrote: > Jakub Kicinski wrote: > > On Thu, 11 Jul 2019 09:47:16 -0700, John Fastabend wrote: > > > Jakub Kicinski wrote: > > > > On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote: > > > > > > > > + if (sk->sk_prot->unha

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-11 Thread John Fastabend
Jakub Kicinski wrote: > On Thu, 11 Jul 2019 09:47:16 -0700, John Fastabend wrote: > > Jakub Kicinski wrote: > > > On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote: > > > > > > > + if (sk->sk_prot->unhash) > > > > > > > + sk->sk_prot->unhash(sk); > > > > > > > + } >

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-11 Thread Jakub Kicinski
On Thu, 11 Jul 2019 09:47:16 -0700, John Fastabend wrote: > Jakub Kicinski wrote: > > On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote: > > > > > > + if (sk->sk_prot->unhash) > > > > > > + sk->sk_prot->unhash(sk); > > > > > > + } > > > > > > + > > > > > > +

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-11 Thread John Fastabend
Jakub Kicinski wrote: > On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote: > > > > > + if (sk->sk_prot->unhash) > > > > > + sk->sk_prot->unhash(sk); > > > > > + } > > > > > + > > > > > + ctx = tls_get_ctx(sk); > > > > > + if (ctx->tx_conf == TLS_SW

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-11 Thread John Fastabend
Jakub Kicinski wrote: > On Tue, 09 Jul 2019 20:39:24 -0700, John Fastabend wrote: > > Jakub Kicinski wrote: > > > On Mon, 08 Jul 2019 19:14:05 +, John Fastabend wrote: > > > > @@ -287,6 +313,27 @@ static void tls_sk_proto_cleanup(struct sock *sk, > > > > #endif > > > > } > > > > > > > > +

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-10 Thread Jakub Kicinski
On Wed, 10 Jul 2019 12:34:17 -0700, Jakub Kicinski wrote: > > > > + if (sk->sk_prot->unhash) > > > > + sk->sk_prot->unhash(sk); > > > > + } > > > > + > > > > + ctx = tls_get_ctx(sk); > > > > + if (ctx->tx_conf == TLS_SW || ctx->rx_conf == TLS_SW

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-10 Thread Jakub Kicinski
On Tue, 09 Jul 2019 20:39:24 -0700, John Fastabend wrote: > Jakub Kicinski wrote: > > On Mon, 08 Jul 2019 19:14:05 +, John Fastabend wrote: > > > @@ -287,6 +313,27 @@ static void tls_sk_proto_cleanup(struct sock *sk, > > > #endif > > > } > > > > > > +static void tls_sk_proto_unhash(struct

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-09 Thread John Fastabend
Jakub Kicinski wrote: > On Mon, 08 Jul 2019 19:14:05 +, John Fastabend wrote: > > @@ -287,6 +313,27 @@ static void tls_sk_proto_cleanup(struct sock *sk, > > #endif > > } > > > > +static void tls_sk_proto_unhash(struct sock *sk) > > +{ > > + struct inet_connection_sock *icsk = inet_csk(sk)

Re: [bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-09 Thread Jakub Kicinski
On Mon, 08 Jul 2019 19:14:05 +, John Fastabend wrote: > @@ -287,6 +313,27 @@ static void tls_sk_proto_cleanup(struct sock *sk, > #endif > } > > +static void tls_sk_proto_unhash(struct sock *sk) > +{ > + struct inet_connection_sock *icsk = inet_csk(sk); > + long timeo = sock_sndtimeo

[bpf PATCH v2 2/6] bpf: tls fix transition through disconnect with close

2019-07-08 Thread John Fastabend
It is possible (via shutdown()) for TCP socks to go through TCP_CLOSE state via tcp_disconnect() without actually calling tcp_close which would then call the tls close callback. Because of this a user could disconnect a socket then put it in a LISTEN state which would break our assumptions about so