linux

mirror of synced 2025-03-06 20:59:54 +01:00

History

Guangguan Wang a4b6539038 net/smc: fix data error when recvmsg with MSG_PEEK flag When recvmsg with MSG_PEEK flag, the data will be copied to user's buffer without advancing consume cursor and without reducing the length of rx available data. Once the expected peek length is larger than the value of bytes_to_rcv, in the loop of do while in smc_rx_recvmsg, the first loop will copy bytes_to_rcv bytes of data from the position local_tx_ctrl.cons, the second loop will copy the min(bytes_to_rcv, read_remaining) bytes from the position local_tx_ctrl.cons again because of the lacking of process with advancing consume cursor and reducing the length of available data. So do the subsequent loops. The data copied in the second loop and the subsequent loops will result in data error, as it should not be copied if no more data arrives and it should be copied from the position advancing bytes_to_rcv bytes from the local_tx_ctrl.cons if more data arrives. This issue can be reproduce by the following python script: server.py: import socket import time server_ip = '0.0.0.0' server_port = 12346 server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server_socket.bind((server_ip, server_port)) server_socket.listen(1) print('Server is running and listening for connections...') conn, addr = server_socket.accept() print('Connected by', addr) while True: data = conn.recv(1024) if not data: break print('Received request:', data.decode()) conn.sendall(b'Hello, client!\n') time.sleep(5) conn.sendall(b'Hello, again!\n') conn.close() client.py: import socket server_ip = '<server ip>' server_port = 12346 resp=b'Hello, client!\nHello, again!\n' client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) client_socket.connect((server_ip, server_port)) request = 'Hello, server!' client_socket.sendall(request.encode()) peek_data = client_socket.recv(len(resp), socket.MSG_PEEK \| socket.MSG_WAITALL) print('Peeked data:', peek_data.decode()) client_socket.close() Fixes: `952310ccf2` ("smc: receive data from RMBE") Reported-by: D. Wythe <alibuda@linux.alibaba.com> Signed-off-by: Guangguan Wang <guangguan.wang@linux.alibaba.com> Link: https://patch.msgid.link/20250104143201.35529-1-guangguan.wang@linux.alibaba.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>		2025-01-13 18:59:00 -08:00
..
af_smc.c	net/smc: fix data error when recvmsg with MSG_PEEK flag	2025-01-13 18:59:00 -08:00
Kconfig	net/smc: introduce loopback-ism for SMC intra-OS shortcut	2024-04-30 13:24:48 +02:00
Makefile	net/smc: Introduce IPPROTO_SMC	2024-06-17 13:14:09 +01:00
smc.h	net/smc: Address spelling errors	2024-10-10 09:05:20 -07:00
smc_cdc.c	net/smc: adapt cursor update when sndbuf and peer DMB are merged	2024-04-30 13:24:48 +02:00
smc_cdc.h	net/smc: fix kernel panic caused by race of smc_sock	2021-12-28 12:42:45 +00:00
smc_clc.c	net/smc: check return value of sock_recvmsg when draining clc data	2024-12-15 12:34:59 +00:00
smc_clc.h	net/smc: check smcd_v2_ext_offset when receiving proposal msg	2024-12-15 12:34:59 +00:00
smc_close.c	net/smc: put sk reference if close work was canceled	2023-11-06 10:01:07 +00:00
smc_close.h	net/smc: remove close abort worker	2019-10-22 11:23:44 -07:00
smc_core.c	net/smc: delete pointless divide by one	2025-01-11 13:08:54 -08:00
smc_core.h	net/smc: support SMC-R V2 for rdma devices with max_recv_sge equals to 1	2024-12-12 13:50:00 +01:00
smc_diag.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2024-01-25 14:20:08 -08:00
smc_ib.c	net/smc: support SMC-R V2 for rdma devices with max_recv_sge equals to 1	2024-12-12 13:50:00 +01:00
smc_ib.h	net/smc: fix smc clc failed issue when netdevice not in init_net	2023-10-13 16:52:02 -07:00
smc_inet.c	net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC	2024-10-10 08:48:11 -07:00
smc_inet.h	net/smc: Introduce IPPROTO_SMC	2024-06-17 13:14:09 +01:00
smc_ism.c	net/smc: add operations to merge sndbuf with peer DMB	2024-04-30 13:24:48 +02:00
smc_ism.h	net/smc: add operations to merge sndbuf with peer DMB	2024-04-30 13:24:48 +02:00
smc_llc.c	net/smc: support SMC-R V2 for rdma devices with max_recv_sge equals to 1	2024-12-12 13:50:00 +01:00
smc_llc.h	net/smc: Introduce a specific sysctl for TEST_LINK time	2022-09-22 12:58:21 +02:00
smc_loopback.c	net/smc: implement DMB-merged operations of loopback-ism	2024-04-30 13:24:49 +02:00
smc_loopback.h	net/smc: remove unreferenced header in smc_loopback.h file	2024-07-31 11:48:58 +01:00
smc_netlink.c	genetlink: start to validate reserved header bytes	2022-08-29 12:47:15 +01:00
smc_netlink.h	net/smc: add support for user defined EIDs	2021-09-14 12:49:10 +01:00
smc_netns.h	net/smc: introduce list of pnetids for Ethernet devices	2020-09-28 15:19:03 -07:00
smc_pnet.c	net/smc: Fix lookup of netdev by using ib_device_get_netdev()	2024-11-07 11:24:19 -08:00
smc_pnet.h	net/smc: Use a mutex for locking "struct smc_pnettable"	2022-02-24 09:09:33 -08:00
smc_rx.c	net/smc: fix data error when recvmsg with MSG_PEEK flag	2025-01-13 18:59:00 -08:00
smc_rx.h	net/smc: fix data error when recvmsg with MSG_PEEK flag	2025-01-13 18:59:00 -08:00
smc_stats.c	net/smc: introduce statistics for ringbufs usage of net namespace	2024-08-20 11:38:23 +02:00
smc_stats.h	net/smc: introduce statistics for ringbufs usage of net namespace	2024-08-20 11:38:23 +02:00
smc_sysctl.c	net/smc: add sysctl for smc_limit_hs	2024-09-10 12:11:04 +02:00
smc_sysctl.h	net/smc: add sysctl for max conns per lgr for SMC-R v2.1	2023-11-24 12:13:14 +00:00
smc_tracepoint.c	net/smc: Introduce tracepoint for smcr link down	2021-11-01 13:39:14 +00:00
smc_tracepoint.h	tracing/treewide: Remove second parameter of __assign_str()	2024-05-22 20:14:47 -04:00
smc_tx.c	net/smc: remove unneeded atomic operations in smc_tx_sndbuf_nonempty	2023-11-24 15:00:47 +00:00
smc_tx.h	smc: Drop smc_sendpage() in favour of smc_sendmsg() + MSG_SPLICE_PAGES	2023-06-24 15:50:12 -07:00
smc_wr.c	net/smc: support SMC-R V2 for rdma devices with max_recv_sge equals to 1	2024-12-12 13:50:00 +01:00
smc_wr.h	net/smc: Use percpu ref for wr tx reference	2023-03-17 08:59:01 +00:00