git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Benjamin Coddington <bcodding@redhat.com>
	Fri, 15 Nov 2024 13:59:36 +0000 (08:59 -0500)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 5 Dec 2024 13:03:09 +0000 (14:03 +0100)
commit	a84e6c15f101cd08f7534b09ecab5c21bdc0d72b
tree	fed43a0279ed3db4aaa2187b2df5dc732318f47f	tree
parent	66d11ca91bf5100ae2e6b5efad97e58d8448843a	commit \| diff

SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT

[ Upstream commit d7bdd849ef1b681da03ac05ca0957b2cbe2d24b6 ]

We've noticed a situation where an unstable TCP connection can cause the
TLS handshake to timeout waiting for userspace to complete it.  When this
happens, we don't want to return from xs_tls_handshake_sync() with zero, as
this will cause the upper xprt to be set CONNECTED, and subsequent attempts
to transmit will be returned with -EPIPE.  The sunrpc machine does not
recover from this situation and will spin attempting to transmit.

The return value of tls_handshake_cancel() can be used to detect a race
with completion:

* tls_handshake_cancel - cancel a pending handshake
* Return values:
*   %true - Uncompleted handshake request was canceled
*   %false - Handshake request already completed or not found

If true, we do not want the upper xprt to be connected, so return
-ETIMEDOUT.  If false, its possible the handshake request was lost and
that may be the reason for our timeout.  Again we do not want the upper
xprt to be connected, so return -ETIMEDOUT.

Ensure that we alway return an error from xs_tls_handshake_sync() if we
call tls_handshake_cancel().

Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Fixes: 75eb6af7acdf ("SUNRPC: Add a TCP-with-TLS RPC transport class")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>