lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Apr 2022 11:31:33 -0700 From: Jakub Kicinski <kuba@...nel.org> To: davem@...emloft.net, pabeni@...hat.com Cc: netdev@...r.kernel.org, borisp@...dia.com, john.fastabend@...il.com, daniel@...earbox.net, vfedorenko@...ek.ru, Jakub Kicinski <kuba@...nel.org> Subject: [PATCH net-next 10/11] tls: rx: clear ctx->recv_pkt earlier Whatever we do in the loop the skb should not remain on as ctx->recv_pkt afterwards. We can clear that pointer and restart strparser earlier. This adds overhead of extra linking and unlinking to rx_list but that's not large (upcoming change will switch to unlocked skb list operations). Signed-off-by: Jakub Kicinski <kuba@...nel.org> --- net/tls/tls_sw.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 3aa8fe1c6e77..71d8082647c8 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1826,6 +1826,10 @@ int tls_sw_recvmsg(struct sock *sk, if (err <= 0) goto recv_end; + ctx->recv_pkt = NULL; + __strp_unpause(&ctx->strp); + skb_queue_tail(&ctx->rx_list, skb); + if (async) { /* TLS 1.2-only, to_decrypt must be text length */ chunk = min_t(int, to_decrypt, len); @@ -1840,10 +1844,9 @@ int tls_sw_recvmsg(struct sock *sk, if (err != __SK_PASS) { rxm->offset = rxm->offset + rxm->full_len; rxm->full_len = 0; + skb_unlink(skb, &ctx->rx_list); if (err == __SK_DROP) consume_skb(skb); - ctx->recv_pkt = NULL; - __strp_unpause(&ctx->strp); continue; } } @@ -1869,14 +1872,9 @@ int tls_sw_recvmsg(struct sock *sk, len -= chunk; /* For async or peek case, queue the current skb */ - if (async || is_peek || retain_skb) { - skb_queue_tail(&ctx->rx_list, skb); - ctx->recv_pkt = NULL; - __strp_unpause(&ctx->strp); - } else { + if (!(async || is_peek || retain_skb)) { + skb_unlink(skb, &ctx->rx_list); consume_skb(skb); - ctx->recv_pkt = NULL; - __strp_unpause(&ctx->strp); /* Return full control message to * userspace before trying to parse -- 2.34.1
Powered by blists - more mailing lists