From nobody Sun May 24 20:35:16 2026
Received: from mail-pj1-f53.google.com (mail-pj1-f53.google.com
 [209.85.216.53])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id D9FAB3839B4
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 16:54:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.53
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779382448; cv=none;
 b=SydRmWRDNabkrhr/kNjsFVTbM+md90/UqQuDC4FiODRfRz3hyF4A6iOMbgauCtt+7lzzhmlQ3yxUHpzAO3oQbt0UIjWTMqm21GN9PiXfaTR2vTy4jQPL6idmWTllJs7bDBqXBUgQMyFDsRlt8DocXqTQSsYJd0BjM1gR+KBrMRg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779382448; c=relaxed/simple;
	bh=jepHYHDTa1oN1HMbzfjCFYecBgYw0CAbnE+uP9SC7wQ=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=dvBme7Q7Prh4dQhCFM5VSUOJ0VjvdhzYKW1MK/Vxio5Cbxj7jWgRK6RWG9UQAkKUM5UIPFAKHhBUUyKYwmyDBCbLKE1N65uZw1wyk+Ca7t01CEHNtEZm2hIF0CAqQPdvPQpE8QUGEOFzUtmzeeJFlKbW5EszftkJ3PREPc2N0P4=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com;
 spf=pass smtp.mailfrom=gmail.com;
 dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b=FAaxIeCY; arc=none smtp.client-ip=209.85.216.53
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="FAaxIeCY"
Received: by mail-pj1-f53.google.com with SMTP id
 98e67ed59e1d1-365d8e43759so3380452a91.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 09:54:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1779382446; x=1779987246;
 darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=TZ3hB279QEnpQbR0KFTvz97dZDE5pAQRU4AviwCKwk8=;
        b=FAaxIeCYupyrzk95ZLGtkoFnGrKNyKkU1ZQj52wFlciQ6rMgrso8dHO/vMrxEV6fk/
         /eW3wwQTMrUtydKY2SVHIX2P6vyu55gKCLbBpjW+oR/c5+nBWJhwN0/gqamRZhUNG/Ad
         +P+XvVKd8XcT44tLDId5tDl1JMmiSK3uANkqyTXNRzJ39yPila5ilxbs+h+2SmHcfz21
         cC1pcTZ93dgzE/cxzPGAE6syC9dl2+x6ly1/X8NEm1a8FNDwKpf2S2B12lu3QeZBldUI
         MlA9QNUhk+cgJllTSwzXYdMNlsf3Spcg3QKgStf5WI3+uXqCckozyGgZQ54t+xgEwRmm
         mbEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779382446; x=1779987246;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=TZ3hB279QEnpQbR0KFTvz97dZDE5pAQRU4AviwCKwk8=;
        b=RrfEekaw+nuKiQI0NjO/FX7ywE6rJvRbdva7qLDjREcqEUCtQD6Dj4NUcsggvq0Z3R
         pe9vzt1bq/QAZNWyKdgZ9OlzV7Fexcrv4p0yyZtL2/7s9YIh197vr/ghhpPAfBx52paQ
         c/L/Ydr/J9htJfnntJQJHgHACLZHUsOzClo2i3qcgR5zgWFJANiw6/pPHtVvJMKyIB2Q
         cOQ7TwIeV72+j0vwiC9aOaYDrL4+PDE82W6kirmQ14cTT0etCldf2ACgoku0/N3aw3/Q
         Y3cLLQVY6amPNqNwYDrISCg7Slby7bvh1h5359pG+EDsj5xhamMfpBBBreygZS/FLbc5
         YAtQ==
X-Forwarded-Encrypted: i=1;
 AFNElJ9nOx7G3AnhcfG0vPksd/ia/3QHh6KA2csUqcdbrm7XdJngAmFKHtpNP1eYjEgb9t1GR8yVCht9CHHrHGo=@vger.kernel.org
X-Gm-Message-State: AOJu0YwczabpwtBldyeyeGIfZtlRM6E0f4dUKX4YALGA/w2b0lc//9vM
	KIRaP7FJYiBZWj24LPyIBObCQLHTVSzL5vMhIXIdiWKajzaipKfit9S9
X-Gm-Gg: Acq92OHLEJENWRYnUqajGdc1JOsRvWUm3n2HrdweIt/it1A4KSUv1Z4iWUi7eiqO0Vg
	EKxd29Xabinlovhh5BzNE8nkF9qMKA4pspSagIXvBeLWqp665/tRg7YtgqdO5UsQue7Rc8vgD3Q
	DqpXLP4vIxcmnkSmF374jJa+XHtgeaiwoph1jkHoxeGiuUZItBy4MUf9nVXviKec3cN9Fx5jn1F
	47vJpAfU2KLzd7luq/9TO4g7JgegYguMOLIgh0jMFU+NSgDWqTlciuIPbupzDORllbfgEKSHc9M
	dVSZwwKNdZ9ifY3ukw8XrUUMRJvxk+mfxciHvCk2UEpBzyfvEZa8NnJzc0tVSfmBY0P7ERP9M8p
	DxpxUlqPxjQm4mv9yHsSueA5vx06soY6nNHpBsNnSWLsZtrY/HXmsd76XZLaKkrgjOVGeq7k0/C
	Gu+2q/V5le2k4umWzdpvEGbzwK
X-Received: by 2002:a17:90b:2fc6:b0:35b:d795:cf5d with SMTP id
 98e67ed59e1d1-36a49029ebamr2766601a91.5.1779382446154;
        Thu, 21 May 2026 09:54:06 -0700 (PDT)
Received: from paeyz.Davolink ([49.172.60.165])
        by smtp.gmail.com with ESMTPSA id
 98e67ed59e1d1-36a3d2079bbsm2955723a91.15.2026.05.21.09.54.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 21 May 2026 09:54:05 -0700 (PDT)
From: Yeonju Bae <iwasbaeyz@gmail.com>
To: netdev@vger.kernel.org
Cc: gregkh@linuxfoundation.org,
	security@kernel.org,
	john.fastabend@gmail.com,
	kuba@kernel.org,
	sd@queasysnail.net,
	davem@davemloft.net,
	edumazet@google.com,
	pabeni@redhat.com,
	horms@kernel.org,
	linux-kernel@vger.kernel.org,
	Yeonju Bae <iwasbaeyz@gmail.com>
Subject: [PATCH net] tls: avoid zc receive for file-backed pages
Date: Fri, 22 May 2026 01:53:28 +0900
Message-ID: <20260521165328.16112-1-iwasbaeyz@gmail.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <2026052150-stylus-germicide-780e@gregkh>
References: <2026052150-stylus-germicide-780e@gregkh>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

kTLS RX zc decrypt writes unauthenticated AEAD output directly into
pages pinned from the recvmsg iterator via tls_setup_from_iter().
For MAP_SHARED, PROT_WRITE file-backed destinations, those pages are
live page-cache pages rather than anonymous copies: MAP_SHARED does not
trigger copy-on-write, so FOLL_WRITE returns the actual page-cache page.

crypto_aead_decrypt() writes CTR-mode decryption output into the
scatter-gather list before the authentication tag is verified.  If the
tag check fails (-EBADMSG), the plaintext-like output is already
resident in the page-cache page.  exit_free_pages() calls put_page()
without any content cleanup, so the modification persists through the
backing file.  An independent open(O_RDONLY)/read() of the same file
returns different content and its SHA-256 changes.  MAP_PRIVATE is safe
via COW; PROT_READ-only destinations fail at iov_iter_get_pages2()
before any decryption occurs.

Avoid zc receive for file-backed destination pages.  In
tls_setup_from_iter(), after iov_iter_get_pages2() pins pages, check
each page with folio_mapping(page_folio(page)).  If any pinned page is
file-backed (mapping !=3D NULL), release the pinned pages and return
-EOPNOTSUPP.  Handle -EOPNOTSUPP in tls_decrypt_sw() by clearing
darg->zc and retrying, which causes tls_decrypt_sg() to allocate a
kernel bounce buffer instead.  Decryption output never reaches the
file-backed page; on tag failure the bounce buffer is discarded.

This follows the existing opportunistic zc retry pattern already used
for TLS 1.3 record type mismatches in tls_decrypt_sw().

Verified on linux-7.0-rc3 QEMU (x86-64), four destination types:
  MAP_SHARED+RW:   file_changed=3D0  (was 4077/4096 bytes before patch)
  MAP_PRIVATE+RW:  file_changed=3D0  (COW isolation; unchanged)
  anonymous heap:  no file backing  (unchanged)
  PROT_READ only:  file_changed=3D0  (EFAULT before decrypt; unchanged)

Signed-off-by: Yeonju Bae <iwasbaeyz@gmail.com>
---
 net/tls/tls_sw.c | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index a977b0434..c312a83b4 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -36,6 +36,7 @@
  */
=20
 #include <linux/bug.h>
+#include <linux/pagemap.h>
 #include <linux/sched/signal.h>
 #include <linux/module.h>
 #include <linux/kernel.h>
@@ -1443,6 +1444,34 @@ static int tls_setup_from_iter(struct iov_iter *from,
=20
 		length -=3D copied;
 		size +=3D copied;
+		/* Reject file-backed destination pages.  Writing unauthenticated
+		 * AEAD output into a page-cache page before tag verification
+		 * leaves the backing file modified even when recvmsg() returns
+		 * -EBADMSG.  Return -EOPNOTSUPP so the caller retries via the
+		 * non-ZC bounce-buffer path.
+		 */
+		{
+			ssize_t remain =3D copied;
+			size_t  off    =3D offset;
+			int     np =3D 0, j;
+
+			while (remain > 0) {
+				remain -=3D min_t(ssize_t, remain,
+						(ssize_t)(PAGE_SIZE - off));
+				off =3D 0;
+				np++;
+			}
+			for (j =3D 0; j < np; j++) {
+				if (folio_mapping(page_folio(pages[j]))) {
+					int k;
+
+					for (k =3D 0; k < np; k++)
+						put_page(pages[k]);
+					rc =3D -EOPNOTSUPP;
+					goto out;
+				}
+			}
+		}
 		while (copied) {
 			use =3D min_t(int, copied, PAGE_SIZE - offset);
=20
@@ -1699,6 +1728,14 @@ tls_decrypt_sw(struct sock *sk, struct tls_context *=
tls_ctx,
 	if (err < 0) {
 		if (err =3D=3D -EBADMSG)
 			TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSDECRYPTERROR);
+		if (err =3D=3D -EOPNOTSUPP && darg->zc) {
+			/* tls_setup_from_iter detected file-backed destination
+			 * pages; retry without ZC via the bounce-buffer path.
+			 */
+			darg->zc =3D false;
+			TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSDECRYPTRETRY);
+			return tls_decrypt_sw(sk, tls_ctx, msg, darg);
+		}
 		return err;
 	}
 	/* keep going even for ->async, the code below is TLS 1.3 */
--=20
2.43.0