summaryrefslogtreecommitdiffstats
path: root/net/tls
diff options
context:
space:
mode:
authorJakub Kicinski <jakub.kicinski@netronome.com>2019-03-28 14:54:43 -0700
committerDavid S. Miller <davem@davemloft.net>2019-03-29 13:38:50 -0700
commitc43ac97bac987e56c179598ce3398a95d55067bc (patch)
tree3e320a07187839f783d0359a0736be494607a6de /net/tls
parent1b704c4a1ba95574832e730f23817b651db2aa59 (diff)
downloadlinux-c43ac97bac987e56c179598ce3398a95d55067bc.tar.gz
linux-c43ac97bac987e56c179598ce3398a95d55067bc.tar.bz2
linux-c43ac97bac987e56c179598ce3398a95d55067bc.zip
net: tls: prevent false connection termination with offload
Only decrypt_internal() performs zero copy on rx, all paths which don't hit decrypt_internal() must set zc to false, otherwise tls_sw_recvmsg() may return 0 causing the application to believe that that connection got closed. Currently this happens with device offload when new record is first read from. Fixes: d069b780e367 ("tls: Fix tls_device receive") Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Reported-by: David Beckett <david.beckett@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tls')
-rw-r--r--net/tls/tls_sw.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 425351ac2a9b..20b191227969 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1484,6 +1484,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
return err;
}
+ } else {
+ *zc = false;
}
rxm->full_len -= padding_length(ctx, tls_ctx, skb);