From patchwork Tue Nov 15 14:23:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antoine Damhet X-Patchwork-Id: 1704107 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4NBT2L5x4sz23lt for ; Wed, 16 Nov 2022 01:24:09 +1100 (AEDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ouwqw-00072l-3E; Tue, 15 Nov 2022 09:23:54 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ouwqt-0006wZ-Mh for qemu-devel@nongnu.org; Tue, 15 Nov 2022 09:23:51 -0500 Received: from mail.cri.epita.fr ([91.243.117.197] helo=mail-2.srv.cri.epita.fr) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ouwqq-0004j2-Mw for qemu-devel@nongnu.org; Tue, 15 Nov 2022 09:23:51 -0500 Received: from localhost (unknown [185.123.26.202]) (Authenticated sender: damhet_a) by mail-2.srv.cri.epita.fr (Postfix) with ESMTPSA id 2E9123FB8A; Tue, 15 Nov 2022 15:23:41 +0100 (CET) From: antoine.damhet@shadow.tech To: qemu-devel@nongnu.org Cc: vm@shadow.tech, Antoine Damhet Subject: [PATCH 0/2] TLS: fix read stall with large buffers Date: Tue, 15 Nov 2022 15:23:27 +0100 Message-Id: <20221115142329.92524-1-antoine.damhet@shadow.tech> X-Mailer: git-send-email 2.38.1 MIME-Version: 1.0 Received-SPF: pass client-ip=91.243.117.197; envelope-from=SRS0=Pw4Z=3P=lse.epita.fr=xdbob@cri.epita.fr; helo=mail-2.srv.cri.epita.fr X-Spam_score_int: -15 X-Spam_score: -1.6 X-Spam_bar: - X-Spam_report: (-1.6 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org From: Antoine Damhet At least with the TCP backend the tls implementation can stall because the current notification mechanism is based on the readyness status of the underlying file descriptor but gnutls can read all the data available while the consumer has only handled part (eg: the TCP implementation is capped to 4096 bytes per read). We encountered the bug on the real world using encrypted USB-redirection but we could reproduce it with virtio-serial. On the host side: ``` $ mkdir /tmp/tls-test $ echo 'test:8e6da54b954357236ec2eed1df0dc3542163dd03bf9c94f2d90781a3a3e443c9' > /tmp/tls-test/keys.psk $ qemu-system-x86_64 -m 4G -enable-kvm -device virtio-serial \ -object tls-creds-psk,id=tls0,endpoint=server,dir=/tmp/tls-test \ -chardev socket,server=on,wait=off,id=serial-sock,port=4242,host=127.0.0.1,tls-creds=tls0 \ -device virtserialport,chardev=serial-sock,name=test.serial \ -cdrom archlinux-2022.11.01-x86_64.iso # The sleep is to keep the socket open during the test $ python -c 'print(8192 * "a"); import time; time.sleep(600);' | \ openssl s_client -connect 127.0.0.1:4242 \ -psk 8e6da54b954357236ec2eed1df0dc3542163dd03bf9c94f2d90781a3a3e443c9 \ -psk_identity test ``` On the guest side: ``` # The socket is forced open, we stop cat manually $ cat /dev/virtio-ports/test.serial > test.data ^C # only part of the data was readable $ wc -c test.data 4096 ``` Antoine Damhet (2): crypto: TLS: introduce `check_pending` io/channel-tls: fix handling of bigger read buffers crypto/tlssession.c | 14 ++++++++ include/crypto/tlssession.h | 11 +++++++ io/channel-tls.c | 66 ++++++++++++++++++++++++++++++++++++- 3 files changed, 90 insertions(+), 1 deletion(-)