bpf: Sockmap/tls, skmsg can have wrapped skmsg that needs extra chaining

Its possible through a set of push, pop, apply helper calls to construct
a skmsg, which is just a ring of scatterlist elements, with the start
value larger than the end value. For example,

      end       start
  |_0_|_1_| ... |_n_|_n+1_|

Where end points at 1 and start points and n so that valid elements is
the set {n, n+1, 0, 1}.

Currently, because we don't build the correct chain only {n, n+1} will
be sent. This adds a check and sg_chain call to correctly submit the
above to the crypto and tls send path.

Fixes: 635a8c9b3da8d ("tls: add bpf support to sk_msg handling")
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Jonathan Lemon <jonathan.lemon@gmail.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/bpf/20200111061206.8028-8-john.fastabend@gmail.com

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 31f6bbbc899233b8142f41896ced4adbfe74dfaa..21c7725d17ca8d285b3fc1b91e79c216a365670a 100644 (file)
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -729,6 +729,12 @@ static int tls_push_record(struct sock *sk, int flags,
                sg_mark_end(sk_msg_elem(msg_pl, i));
        }
 
+       if (msg_pl->sg.end < msg_pl->sg.start) {
+               sg_chain(&msg_pl->sg.data[msg_pl->sg.start],
+                        MAX_SKB_FRAGS - msg_pl->sg.start + 1,
+                        msg_pl->sg.data);
+       }
+
        i = msg_pl->sg.start;
        sg_chain(rec->sg_aead_in, 2, &msg_pl->sg.data[i]);