** Description changed: [IMPACT] Clearing the sock TX queue in sk_set_socket() might cause unexpected out-of-order transmit when called from sock_orphan(), as outstanding packets can pick a different TX queue and bypass the ones already queued. This is undesired in general. More specifically, it breaks the in-order scheduling property guarantee for device-offloaded TLS sockets. Remove the call to sk_tx_queue_clear() in sk_set_socket(), and add it explicitly only where needed. - [FIXES] e022f0b4a03f "net: Introduce sk_tx_queue_mapping" This cleanly cherry picks into 5.4 from 5.8. It can be checked out in my branch here: https://git.launchpad.net/~bladernr/ubuntu/+source/linux/+git/focal 1889625-mxl-ktls-bugfix [REGRESSION RISK] - + low! [TEST] + reproducing the bug is not trivial. in general terms: + nic: ConnectX6-dx with crypto enabled + send intense encrypted tcp traffic with tls offload between many clients and one server. + * clients may run on the same machine. + * clients continuously opens and closes connection to server + + at some point decryption errores might arise on some of the clients.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1889625 Title: Bug fix for ktls feature To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1889625/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs