diff options
| author |   Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-06-03 15:16:59 -0700 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2019-06-04 14:33:50 -0700 |
| commit | aeb11ff0dc46be309ba000af7e608f8d3695fd6e (patch) | |
| tree | f03aae57934103c8e271d89b472ba2351f840853 /net/tls/tls_device.c | |
| parent | net/tls: fully initialize the msg wrapper skb (diff) | |
| download | linux-dev-aeb11ff0dc46be309ba000af7e608f8d3695fd6e.tar.xz linux-dev-aeb11ff0dc46be309ba000af7e608f8d3695fd6e.zip | |
net/tls: check return values from skb_copy_bits() and skb_store_bits()
In light of recent bugs, we should make a better effort of
checking return values. In theory none of the functions should
fail today.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tls/tls_device.c')
| -rw-r--r-- | net/tls/tls_device.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index b95c408fd771..dde6513628d2 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -603,8 +603,10 @@ static int tls_device_reencrypt(struct sock *sk, struct sk_buff *skb) sg_set_buf(&sg[0], buf, rxm->full_len + TLS_HEADER_SIZE + TLS_CIPHER_AES_GCM_128_IV_SIZE); - skb_copy_bits(skb, offset, buf, - TLS_HEADER_SIZE + TLS_CIPHER_AES_GCM_128_IV_SIZE); + err = skb_copy_bits(skb, offset, buf, + TLS_HEADER_SIZE + TLS_CIPHER_AES_GCM_128_IV_SIZE); + if (err) + goto free_buf; /* We are interested only in the decrypted data not the auth */ err = decrypt_skb(sk, skb, sg); @@ -618,8 +620,11 @@ static int tls_device_reencrypt(struct sock *sk, struct sk_buff *skb) if (skb_pagelen(skb) > offset) { copy = min_t(int, skb_pagelen(skb) - offset, data_len); - if (skb->decrypted) - skb_store_bits(skb, offset, buf, copy); + if (skb->decrypted) { + err = skb_store_bits(skb, offset, buf, copy); + if (err) + goto free_buf; + } offset += copy; buf += copy; @@ -642,8 +647,11 @@ static int tls_device_reencrypt(struct sock *sk, struct sk_buff *skb) copy = min_t(int, skb_iter->len - frag_pos, data_len + rxm->offset - offset); - if (skb_iter->decrypted) - skb_store_bits(skb_iter, frag_pos, buf, copy); + if (skb_iter->decrypted) { + err = skb_store_bits(skb_iter, frag_pos, buf, copy); + if (err) + goto free_buf; + } offset += copy; buf += copy; |