From nobody Fri Dec 19 04:58:07 2025
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 020DC196C9B
	for <linux-kernel@vger.kernel.org>; Wed,  4 Dec 2024 07:48:05 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=170.10.133.124
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1733298487; cv=none;
 b=IeQfyQXx19YuNHktfEwL7PsAE6gc427AwwqGok/i/rxoBgoQyDVqwAb34JAdwymdF9WZ8Qh+oiott97o3ROruGCYeEnmEK63BrOxQMI9zcUWQu67IN9HDL0jl8LYNFc8AFdlIKO7rrTJQMti4GRcatrjR7FdAH5eTT/stQiZV2g=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1733298487; c=relaxed/simple;
	bh=zTMR4ciaXX8z8BIXCn8qa/xEjaRm9tVcN1NCX2QeVl4=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=UPRtp9OxRfy0JsYmbeRfCytN8FfCMX9gqyGsaG6BkLM8XIr9zoTAalcCHp6g8z0LRxrXfNBdmDehVMonI+051j0Y42kmhqkx+lFGZw9I+qsoynjBX/ZEsKiU9Wo7gsbbVWek+j/wUNAjTABaB4gViwXVerVzZRSOCoCDumWm9CI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com;
 spf=pass smtp.mailfrom=redhat.com;
 dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com
 header.b=R7qAy+MG; arc=none smtp.client-ip=170.10.133.124
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=redhat.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com
 header.b="R7qAy+MG"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1733298485;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=hgT0KaAv7Mulncn7BWSw8qo4G9KhUray8DDjrIXNIWU=;
	b=R7qAy+MG669lp6AjYrtQIubNetia0VpwBBy7lWRieq1s0UuE4h3diULarXaNhk0AOOaGJt
	Zxs2DudZ5IDULH3Ctm4QbV9AkYl6WjRaaUNYHYW5Bxv7VYYZQu8QAqy6F7zYQoGNC2avVT
	f5owqRL+a5qaDfI0HI6FmlmetcPwcIs=
Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-646-8acrGF5jNoW0SGWfDxNbIA-1; Wed,
 04 Dec 2024 02:48:02 -0500
X-MC-Unique: 8acrGF5jNoW0SGWfDxNbIA-1
X-Mimecast-MFC-AGG-ID: 8acrGF5jNoW0SGWfDxNbIA
Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 7AEF91955E7A;
	Wed,  4 Dec 2024 07:48:00 +0000 (UTC)
Received: from warthog.procyon.org.uk.com (unknown [10.42.28.48])
	by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id B3AB41956089;
	Wed,  4 Dec 2024 07:47:57 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>,
	Marc Dionne <marc.dionne@auristor.com>,
	Yunsheng Lin <linyunsheng@huawei.com>,
	"David S. Miller" <davem@davemloft.net>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>,
	Paolo Abeni <pabeni@redhat.com>,
	linux-afs@lists.infradead.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH net-next v2 10/39] rxrpc: Separate the packet length from the
 data length in rxrpc_txbuf
Date: Wed,  4 Dec 2024 07:46:38 +0000
Message-ID: <20241204074710.990092-11-dhowells@redhat.com>
In-Reply-To: <20241204074710.990092-1-dhowells@redhat.com>
References: <20241204074710.990092-1-dhowells@redhat.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15
Content-Type: text/plain; charset="utf-8"

Separate the packet length from the data length (txb->len) stored in the
rxrpc_txbuf to make security calculations easier.  Also store the
allocation size as that's an upper bound on the size of the security
wrapper and change a number of fields to unsigned short as the amount of
data can't exceed the capacity of a UDP packet.

Also, whilst we're at it, use kzalloc() for txbufs.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Eric Dumazet <edumazet@google.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Paolo Abeni <pabeni@redhat.com>
cc: linux-afs@lists.infradead.org
cc: netdev@vger.kernel.org
---
 net/rxrpc/ar-internal.h |  8 +++++---
 net/rxrpc/insecure.c    |  1 +
 net/rxrpc/output.c      |  7 ++++---
 net/rxrpc/rxkad.c       | 44 ++++++++++++++++++++++-------------------
 net/rxrpc/sendmsg.c     |  1 -
 net/rxrpc/txbuf.c       |  7 ++-----
 6 files changed, 36 insertions(+), 32 deletions(-)

diff --git a/net/rxrpc/ar-internal.h b/net/rxrpc/ar-internal.h
index 69e6f4b20bad..a5c0bc917641 100644
--- a/net/rxrpc/ar-internal.h
+++ b/net/rxrpc/ar-internal.h
@@ -821,9 +821,11 @@ struct rxrpc_txbuf {
 	rxrpc_serial_t		serial;		/* Last serial number transmitted with */
 	unsigned int		call_debug_id;
 	unsigned int		debug_id;
-	unsigned int		len;		/* Amount of data in buffer */
-	unsigned int		space;		/* Remaining data space */
-	unsigned int		offset;		/* Offset of fill point */
+	unsigned short		len;		/* Amount of data in buffer */
+	unsigned short		space;		/* Remaining data space */
+	unsigned short		offset;		/* Offset of fill point */
+	unsigned short		pkt_len;	/* Size of packet content */
+	unsigned short		alloc_size;	/* Amount of bufferage allocated */
 	unsigned int		flags;
 #define RXRPC_TXBUF_WIRE_FLAGS	0xff		/* The wire protocol flags */
 #define RXRPC_TXBUF_RESENT	0x100		/* Set if has been resent */
diff --git a/net/rxrpc/insecure.c b/net/rxrpc/insecure.c
index 751eb621021d..d665f486be5f 100644
--- a/net/rxrpc/insecure.c
+++ b/net/rxrpc/insecure.c
@@ -24,6 +24,7 @@ static struct rxrpc_txbuf *none_alloc_txbuf(struct rxrpc_=
call *call, size_t rema
=20
 static int none_secure_packet(struct rxrpc_call *call, struct rxrpc_txbuf =
*txb)
 {
+	txb->pkt_len =3D txb->len;
 	return 0;
 }
=20
diff --git a/net/rxrpc/output.c b/net/rxrpc/output.c
index a91be871ad96..df9af4ad4260 100644
--- a/net/rxrpc/output.c
+++ b/net/rxrpc/output.c
@@ -383,11 +383,11 @@ static size_t rxrpc_prepare_data_subpacket(struct rxr=
pc_call *call, struct rxrpc
 	enum rxrpc_req_ack_trace why;
 	struct rxrpc_connection *conn =3D call->conn;
 	struct kvec *kv =3D &call->local->kvec[subpkt];
-	size_t len =3D txb->len;
+	size_t len =3D txb->pkt_len;
 	bool last, more;
 	u8 flags;
=20
-	_enter("%x,{%d}", txb->seq, txb->len);
+	_enter("%x,%zd", txb->seq, len);
=20
 	txb->serial =3D serial;
=20
@@ -441,6 +441,7 @@ static size_t rxrpc_prepare_data_subpacket(struct rxrpc=
_call *call, struct rxrpc
 	whdr->cksum	=3D txb->cksum;
 	whdr->serviceId	=3D htons(conn->service_id);
 	kv->iov_base	=3D whdr;
+	len +=3D sizeof(*whdr);
 	// TODO: Convert into a jumbo header for tail subpackets
=20
 	trace_rxrpc_tx_data(call, txb->seq, txb->serial, flags, false);
@@ -509,7 +510,7 @@ static int rxrpc_send_data_packet(struct rxrpc_call *ca=
ll, struct rxrpc_txbuf *t
 	size_t len;
 	int ret;
=20
-	_enter("%x,{%d}", txb->seq, txb->len);
+	_enter("%x,{%d}", txb->seq, txb->pkt_len);
=20
 	len =3D rxrpc_prepare_data_packet(call, txb);
=20
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index e3194d73dd84..755897fab626 100644
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -148,14 +148,14 @@ static int rxkad_init_connection_security(struct rxrp=
c_connection *conn,
 static struct rxrpc_txbuf *rxkad_alloc_txbuf(struct rxrpc_call *call, size=
_t remain, gfp_t gfp)
 {
 	struct rxrpc_txbuf *txb;
-	size_t shdr, space;
+	size_t shdr, alloc, limit, part;
=20
 	remain =3D umin(remain, 65535 - sizeof(struct rxrpc_wire_header));
=20
 	switch (call->conn->security_level) {
 	default:
-		space =3D umin(remain, RXRPC_JUMBO_DATALEN);
-		return rxrpc_alloc_data_txbuf(call, space, 1, gfp);
+		alloc =3D umin(remain, RXRPC_JUMBO_DATALEN);
+		return rxrpc_alloc_data_txbuf(call, alloc, 1, gfp);
 	case RXRPC_SECURITY_AUTH:
 		shdr =3D sizeof(struct rxkad_level1_hdr);
 		break;
@@ -164,15 +164,21 @@ static struct rxrpc_txbuf *rxkad_alloc_txbuf(struct r=
xrpc_call *call, size_t rem
 		break;
 	}
=20
-	space =3D umin(round_down(RXRPC_JUMBO_DATALEN, RXKAD_ALIGN), remain + shd=
r);
-	space =3D round_up(space, RXKAD_ALIGN);
+	limit =3D round_down(RXRPC_JUMBO_DATALEN, RXKAD_ALIGN) - shdr;
+	if (remain < limit) {
+		part =3D remain;
+		alloc =3D round_up(shdr + part, RXKAD_ALIGN);
+	} else {
+		part =3D limit;
+		alloc =3D RXRPC_JUMBO_DATALEN;
+	}
=20
-	txb =3D rxrpc_alloc_data_txbuf(call, space, RXKAD_ALIGN, gfp);
+	txb =3D rxrpc_alloc_data_txbuf(call, alloc, RXKAD_ALIGN, gfp);
 	if (!txb)
 		return NULL;
=20
 	txb->offset +=3D shdr;
-	txb->space -=3D shdr;
+	txb->space =3D part;
 	return txb;
 }
=20
@@ -263,13 +269,13 @@ static int rxkad_secure_packet_auth(const struct rxrp=
c_call *call,
 	check =3D txb->seq ^ call->call_id;
 	hdr->data_size =3D htonl((u32)check << 16 | txb->len);
=20
-	txb->len +=3D sizeof(struct rxkad_level1_hdr);
-	pad =3D txb->len;
+	txb->pkt_len =3D sizeof(struct rxkad_level1_hdr) + txb->len;
+	pad =3D txb->pkt_len;
 	pad =3D RXKAD_ALIGN - pad;
 	pad &=3D RXKAD_ALIGN - 1;
 	if (pad) {
 		memset(txb->kvec[0].iov_base + txb->offset, 0, pad);
-		txb->len +=3D pad;
+		txb->pkt_len +=3D pad;
 	}
=20
 	/* start the encryption afresh */
@@ -298,7 +304,7 @@ static int rxkad_secure_packet_encrypt(const struct rxr=
pc_call *call,
 	struct rxkad_level2_hdr *rxkhdr =3D (void *)(whdr + 1);
 	struct rxrpc_crypt iv;
 	struct scatterlist sg;
-	size_t pad;
+	size_t content, pad;
 	u16 check;
 	int ret;
=20
@@ -309,23 +315,20 @@ static int rxkad_secure_packet_encrypt(const struct r=
xrpc_call *call,
 	rxkhdr->data_size =3D htonl(txb->len | (u32)check << 16);
 	rxkhdr->checksum =3D 0;
=20
-	txb->len +=3D sizeof(struct rxkad_level2_hdr);
-	pad =3D txb->len;
-	pad =3D RXKAD_ALIGN - pad;
-	pad &=3D RXKAD_ALIGN - 1;
-	if (pad) {
+	content =3D sizeof(struct rxkad_level2_hdr) + txb->len;
+	txb->pkt_len =3D round_up(content, RXKAD_ALIGN);
+	pad =3D txb->pkt_len - content;
+	if (pad)
 		memset(txb->kvec[0].iov_base + txb->offset, 0, pad);
-		txb->len +=3D pad;
-	}
=20
 	/* encrypt from the session key */
 	token =3D call->conn->key->payload.data[0];
 	memcpy(&iv, token->kad->session_key, sizeof(iv));
=20
-	sg_init_one(&sg, rxkhdr, txb->len);
+	sg_init_one(&sg, rxkhdr, txb->pkt_len);
 	skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
 	skcipher_request_set_callback(req, 0, NULL, NULL);
-	skcipher_request_set_crypt(req, &sg, &sg, txb->len, iv.x);
+	skcipher_request_set_crypt(req, &sg, &sg, txb->pkt_len, iv.x);
 	ret =3D crypto_skcipher_encrypt(req);
 	skcipher_request_zero(req);
 	return ret;
@@ -384,6 +387,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,=
 struct rxrpc_txbuf *txb)
=20
 	switch (call->conn->security_level) {
 	case RXRPC_SECURITY_PLAIN:
+		txb->pkt_len =3D txb->len;
 		ret =3D 0;
 		break;
 	case RXRPC_SECURITY_AUTH:
diff --git a/net/rxrpc/sendmsg.c b/net/rxrpc/sendmsg.c
index 546abb463c3f..786c1fb1369a 100644
--- a/net/rxrpc/sendmsg.c
+++ b/net/rxrpc/sendmsg.c
@@ -391,7 +391,6 @@ static int rxrpc_send_data(struct rxrpc_sock *rx,
 				goto out;
=20
 			txb->kvec[0].iov_len +=3D txb->len;
-			txb->len =3D txb->kvec[0].iov_len;
 			rxrpc_queue_packet(rx, call, txb, notify_end_tx);
 			txb =3D NULL;
 		}
diff --git a/net/rxrpc/txbuf.c b/net/rxrpc/txbuf.c
index 2a4291617d40..8b7c854ed3d7 100644
--- a/net/rxrpc/txbuf.c
+++ b/net/rxrpc/txbuf.c
@@ -24,7 +24,7 @@ struct rxrpc_txbuf *rxrpc_alloc_data_txbuf(struct rxrpc_c=
all *call, size_t data_
 	size_t total, hoff;
 	void *buf;
=20
-	txb =3D kmalloc(sizeof(*txb), gfp);
+	txb =3D kzalloc(sizeof(*txb), gfp);
 	if (!txb)
 		return NULL;
=20
@@ -49,14 +49,11 @@ struct rxrpc_txbuf *rxrpc_alloc_data_txbuf(struct rxrpc=
_call *call, size_t data_
 	txb->last_sent		=3D KTIME_MIN;
 	txb->call_debug_id	=3D call->debug_id;
 	txb->debug_id		=3D atomic_inc_return(&rxrpc_txbuf_debug_ids);
+	txb->alloc_size		=3D data_size;
 	txb->space		=3D data_size;
-	txb->len		=3D 0;
 	txb->offset		=3D sizeof(*whdr);
 	txb->flags		=3D call->conn->out_clientflag;
-	txb->ack_why		=3D 0;
 	txb->seq		=3D call->tx_prepared + 1;
-	txb->serial		=3D 0;
-	txb->cksum		=3D 0;
 	txb->nr_kvec		=3D 1;
 	txb->kvec[0].iov_base	=3D whdr;
 	txb->kvec[0].iov_len	=3D sizeof(*whdr);