release/5.2.42/net-tls-free-record-only-on-encryption-error.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-5.2 - Git at Google

 From 9da82f696ee308a4dc474aefafc4b1b9b3316636 Mon Sep 17 00:00:00 2001
 From: Vadim Fedorenko <vfedorenko@novek.ru>
 Date: Wed, 20 May 2020 11:41:44 +0300
 Subject: [PATCH] net/tls: free record only on encryption error

 commit 635d9398178659d8ddba79dd061f9451cec0b4d1 upstream.

 We cannot free record on any transient error because it leads to
 losing previos data. Check socket error to know whether record must
 be freed or not.

 Fixes: d10523d0b3d7 ("net/tls: free the record on encryption error")
 Signed-off-by: Vadim Fedorenko <vfedorenko@novek.ru>
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

 diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
 index f9001c62ec80..8f624be6cc02 100644
 --- a/net/tls/tls_sw.c
 +++ b/net/tls/tls_sw.c
 @@ -793,9 +793,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
  	psock = sk_psock_get(sk);
  	if (!psock || !policy) {
  		err = tls_push_record(sk, flags, record_type);
 -		if (err && err != -EINPROGRESS) {
 +		if (err && sk->sk_err == EBADMSG) {
  			*copied -= sk_msg_free(sk, msg);
  			tls_free_open_rec(sk);
 +			err = -sk->sk_err;
  		}
  		return err;
  	}
 @@ -819,9 +820,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
  	switch (psock->eval) {
  	case __SK_PASS:
  		err = tls_push_record(sk, flags, record_type);
 -		if (err && err != -EINPROGRESS) {
 +		if (err && sk->sk_err == EBADMSG) {
  			*copied -= sk_msg_free(sk, msg);
  			tls_free_open_rec(sk);
 +			err = -sk->sk_err;
  			goto out_err;
  		}
  		break;
 --
 2.7.4
	From 9da82f696ee308a4dc474aefafc4b1b9b3316636 Mon Sep 17 00:00:00 2001
	From: Vadim Fedorenko <vfedorenko@novek.ru>
	Date: Wed, 20 May 2020 11:41:44 +0300
	Subject: [PATCH] net/tls: free record only on encryption error

	commit 635d9398178659d8ddba79dd061f9451cec0b4d1 upstream.

	We cannot free record on any transient error because it leads to
	losing previos data. Check socket error to know whether record must
	be freed or not.

	Fixes: d10523d0b3d7 ("net/tls: free the record on encryption error")
	Signed-off-by: Vadim Fedorenko <vfedorenko@novek.ru>
	Signed-off-by: David S. Miller <davem@davemloft.net>
	Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

	diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
	index f9001c62ec80..8f624be6cc02 100644
	--- a/net/tls/tls_sw.c
	+++ b/net/tls/tls_sw.c
	@@ -793,9 +793,10 @@ static int bpf_exec_tx_verdict(struct sk_msg msg, struct sock sk,
	psock = sk_psock_get(sk);
	if (!psock \|\| !policy) {
	err = tls_push_record(sk, flags, record_type);
	- if (err && err != -EINPROGRESS) {
	+ if (err && sk->sk_err == EBADMSG) {
	*copied -= sk_msg_free(sk, msg);
	tls_free_open_rec(sk);
	+ err = -sk->sk_err;
	}
	return err;
	}
	@@ -819,9 +820,10 @@ static int bpf_exec_tx_verdict(struct sk_msg msg, struct sock sk,
	switch (psock->eval) {
	case __SK_PASS:
	err = tls_push_record(sk, flags, record_type);
	- if (err && err != -EINPROGRESS) {
	+ if (err && sk->sk_err == EBADMSG) {
	*copied -= sk_msg_free(sk, msg);
	tls_free_open_rec(sk);
	+ err = -sk->sk_err;
	goto out_err;
	}
	break;
	--
	2.7.4