From nobody Sat May 14 00:09:58 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id D0F411AE315F; Sat, 14 May 2022 00:09:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4L0Qr64jdhz4SRm; Sat, 14 May 2022 00:09:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1652486998; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/uEgjaGpdM0iNBrYGpR0ymMwys60TpjkD7Qkkm44YUg=; b=PznJJc1FJ0TCjPr36Zorms1bT6Ist56CftMsEygocf50pVqABOdFhXpbNZ96gex2f6cjKT tsFNJPW/DJ6jKvGgfXI4ojpw6DHOpdDPXNNEIEvmdCIXneKt4FGRx62kn1LoRlcWD/RySS 8JEHMDViINp9Yr++x3T6JMS/hFlVJlNVXdhJ3rDHsqt7xfM0UBVp6C3yLv3vBdLSTmnOxJ FvhOZXILgry7dTpZCh+s8xCF+N7KYZo+701AgLhU53NrgI7bu13DUUJBuR7KUfdaj9sh6X Pdhym0JPpCbpXhnbYW8PYCDBumKbBb0H5XMSgrju3nLGIf0fENqIr7a92yARQA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6749D48B3; Sat, 14 May 2022 00:09:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 24E09wMh073713; Sat, 14 May 2022 00:09:58 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 24E09wi0073712; Sat, 14 May 2022 00:09:58 GMT (envelope-from git) Date: Sat, 14 May 2022 00:09:58 GMT Message-Id: <202205140009.24E09wi0073712@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: John Baldwin Subject: git: 2d6f628ab54a - stable/13 - OpenSSL: Cleanup record length checks for KTLS List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 2d6f628ab54aa90867a00c521a10203adee3b5c3 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1652486998; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/uEgjaGpdM0iNBrYGpR0ymMwys60TpjkD7Qkkm44YUg=; b=qxHSg/ldDEcj+CBmTBroN5bQNGvgmYFg8TR3PPpsQqX7oiP4Gc44WCewzXmprtNMhgvC6C 0p3OHZ5OsG7Ligr3+lNuv9wbJbSpyv2El/SVsXh7XCDaadYKdwNn/4ahEn+l5/JCkHrXEc y5ejk8c6xqfmetuVbe2Ux4gja4KXCfLfBZa4QgBoBvkn1uVHNC6HoyOvpyW6ZzVjd3T5YO WAlg6LxI31e8gB3ZBNtWSUxwpaAq0jqZtWk3bJT5DVvVd8GiNxbY7wHe2dc908jSXBLKzt MExfI7g5mWct7vgNEbg4mptelioqYoipzgiCXYkxsEXzZxaCQD1wxdsIkDHEoQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1652486998; a=rsa-sha256; cv=none; b=e5bIefDNJvbyih/j7GUCk9SEPggreP+zRu32UvO3VQpJhbnZ/wS3/BxG4xVKfEWaiSTN+1 chNNpP4JpVFcsbm/ZDR9S7k5qFK67EsGTuFun1KBiqTmnnTDwONFLFgBi7FdV2bHz5ZyHG K76hYpn6h04Q+qgW7VIm6AE5/XXTLirTOEdULkVbsI47g7bo+OztgXnpsn4I8iz3QKn5mJ Vp1ammaLqSUvV7F/fH2LFz0wtBsiSBy7w7N9d9L3bQ2B7pXfdRdmyBG/9DIiRy0HgokeN6 ZNupnOJiF3v0mAPb/NdzV6kRMUCOFtNSn9r9L1dcclHpCT097uuNl3nfKU3jSw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=2d6f628ab54aa90867a00c521a10203adee3b5c3 commit 2d6f628ab54aa90867a00c521a10203adee3b5c3 Author: John Baldwin AuthorDate: 2022-05-04 20:07:36 +0000 Commit: John Baldwin CommitDate: 2022-05-13 23:50:43 +0000 OpenSSL: Cleanup record length checks for KTLS In some corner cases the check for packets which exceed the allowed record length was missing when KTLS is initially enabled, when some unprocessed packets are still pending. Approved by: jkim Obtained from: OpenSSL commit 8fff986d52606e1a33f9404504535e2e2aee3e8b MFC after: 1 week Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D34972 (cherry picked from commit f6e5fcdc848fc24fe71f01ba583f13e762c0ab54) --- crypto/openssl/ssl/record/ssl3_record.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/crypto/openssl/ssl/record/ssl3_record.c b/crypto/openssl/ssl/record/ssl3_record.c index 9dda123d44fa..4fd22019ee7b 100644 --- a/crypto/openssl/ssl/record/ssl3_record.c +++ b/crypto/openssl/ssl/record/ssl3_record.c @@ -190,7 +190,7 @@ int ssl3_get_record(SSL *s) rr = RECORD_LAYER_get_rrec(&s->rlayer); rbuf = RECORD_LAYER_get_rbuf(&s->rlayer); - is_ktls_left = (rbuf->left > 0); + is_ktls_left = (SSL3_BUFFER_get_left(rbuf) > 0); max_recs = s->max_pipelines; if (max_recs == 0) max_recs = 1; @@ -412,7 +412,11 @@ int ssl3_get_record(SSL *s) len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD; #endif - if (thisrr->length > len && !BIO_get_ktls_recv(s->rbio)) { + /* KTLS may use all of the buffer */ + if (BIO_get_ktls_recv(s->rbio) && !is_ktls_left) + len = SSL3_BUFFER_get_left(rbuf); + + if (thisrr->length > len) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); return -1; @@ -775,16 +779,28 @@ int ssl3_get_record(SSL *s) return -1; } - if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH && !BIO_get_ktls_recv(s->rbio)) { + /* + * Usually thisrr->length is the length of a single record, but when + * KTLS handles the decryption, thisrr->length may be larger than + * SSL3_RT_MAX_PLAIN_LENGTH because the kernel may have coalesced + * multiple records. + * Therefore we have to rely on KTLS to check the plaintext length + * limit in the kernel. + */ + if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH + && (!BIO_get_ktls_recv(s->rbio) || is_ktls_left)) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); return -1; } - /* If received packet overflows current Max Fragment Length setting */ + /* + * Check if the received packet overflows the current + * Max Fragment Length setting. + * Note: USE_MAX_FRAGMENT_LENGTH_EXT and KTLS are mutually exclusive. + */ if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session) - && thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session) - && !BIO_get_ktls_recv(s->rbio)) { + && thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session)) { SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); return -1;