| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 24 Sep 2020 13:20:25 +0530
From: Rohit Maheshwari <rohitm@...lsio.com>
To: kuba@...nel.org, netdev@...r.kernel.org, davem@...emloft.net
Cc: vakul.garg@....com, secdev@...lsio.com,
Rohit Maheshwari <rohitm@...lsio.com>
Subject: [PATCH net] net/tls: sendfile fails with ktls offload
At first when sendpage gets called, if there is more data, 'more' in
tls_push_data() gets set which later sets pending_open_record_frags, but
when there is no more data in file left, and last time tls_push_data()
gets called, pending_open_record_frags doesn't get reset. And later when
2 bytes of encrypted alert comes as sendmsg, it first checks for
pending_open_record_frags, and since this is set, it creates a record with
0 data bytes to encrypt, meaning record length is prepend_size + tag_size
only, which causes problem.
We should set/reset pending_open_record_frags based on more bit.
Fixes: d829e9c4112b ("tls: convert to generic sk_msg interface")
Signed-off-by: Rohit Maheshwari <rohitm@...lsio.com>
---
net/tls/tls_device.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index b74e2741f74f..a02aadefd86e 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -492,11 +492,11 @@ static int tls_push_data(struct sock *sk,
if (!size) {
last_record:
tls_push_record_flags = flags;
- if (more) {
- tls_ctx->pending_open_record_frags =
- !!record->num_frags;
+ /* set/clear pending_open_record_frags based on more */
+ tls_ctx->pending_open_record_frags = !!more;
+
+ if (more)
break;
- }
done = true;
}
--
2.18.1
Powered by blists - more mailing lists