2026-07-06, 13:34:04 +0200, Ralf Lici wrote:
> Key slots are released through a kref and the existing release path frees
> the AEAD transforms from an RCU callback. That is not safe for all crypto
> implementations: crypto_free_aead can sleep, for example when an async or
> hardware implementation has teardown work to complete.
> 
> The AEAD transforms are only used while a key-slot reference is held, so
> the final kref put is enough to prove that no transform user remains.
> Queue the final crypto teardown on the ovpn workqueue, where sleeping is
> allowed, and keep the slot memory itself RCU-freed after the transforms
> have been released.
> 
> ovpn_crypto_config_get was the remaining lockless reader of transform

nit: encrypt/decrypt is also lockless, the difference is only the
refcount, no?

> state through ovpn_aead_crypto_alg. Make it take a key-slot reference
> before reading that state, so the transform lifetime is consistently tied
> to key-slot references. The previous patch drains ovpn_wq during module

Using rcu_work/queue_rcu_work (see commit 6624bba469a3 ("macsec: use
rcu_work to defer RX SA crypto cleanup out of softirq")) would avoid
some of the refactoring of the destroy helpers, and the (kind of weird
and ugly IMO) refcount dance in ovpn_crypto_config_get (with a fairly
big risk of "well it's dumb to take a refcount here, we could just do
everything under RCU").

-- 
Sabrina


_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to