diff options
| author |   Sabrina Dubroca <sd@queasysnail.net> | 2025-10-14 11:16:58 +0200 |
|---|---|---|
| committer |   Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-10-23 16:24:31 +0200 |
| commit | d9234cae029282494eafef74743b3a4b74b6c996 (patch) | |
| tree | 275a64d99db2faa27bbc58d86ac08a5b94871b35 /tools/perf/scripts/python/bin/ssh:/git@git.zx2c4.com | |
| parent | tls: wait for async encrypt in case of error during latter iterations of sendmsg (diff) | |
tls: always set record_type in tls_process_cmsg
[ Upstream commit b6fe4c29bb51cf239ecf48eacf72b924565cb619 ]
When userspace wants to send a non-DATA record (via the
TLS_SET_RECORD_TYPE cmsg), we need to send any pending data from a
previous MSG_MORE send() as a separate DATA record. If that DATA record
is encrypted asynchronously, tls_handle_open_record will return
-EINPROGRESS. This is currently treated as an error by
tls_process_cmsg, and it will skip setting record_type to the correct
value, but the caller (tls_sw_sendmsg_locked) handles that return
value correctly and proceeds with sending the new message with an
incorrect record_type (DATA instead of whatever was requested in the
cmsg).
Always set record_type before handling the open record. If
tls_handle_open_record returns an error, record_type will be
ignored. If it succeeds, whether with synchronous crypto (returning 0)
or asynchronous (returning -EINPROGRESS), the caller will proceed
correctly.
Fixes: a42055e8d2c3 ("net/tls: Add support for async encryption of records for performance")
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://patch.msgid.link/0457252e578a10a94e40c72ba6288b3a64f31662.1760432043.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'tools/perf/scripts/python/bin/ssh:/git@git.zx2c4.com')
0 files changed, 0 insertions, 0 deletions