release/5.2.37/net-tls-fix-async-operation.patch - pub/scm/linux/kernel/git/paulg/longterm-queue-5.2 - Git at Google

 From 290f3fae31cbe22cac05cef1697477a329f50a86 Mon Sep 17 00:00:00 2001
 From: Jakub Kicinski <jakub.kicinski@netronome.com>
 Date: Fri, 10 Jan 2020 04:38:32 -0800
 Subject: [PATCH] net/tls: fix async operation

 commit db885e66d268884dc72967279b7e84f522556abc upstream.

 Mallesham reports the TLS with async accelerator was broken by
 commit d10523d0b3d7 ("net/tls: free the record on encryption error")
 because encryption can return -EINPROGRESS in such setups, which
 should not be treated as an error.

 The error is also present in the BPF path (likely copied from there).

 Reported-by: Mallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com>
 Fixes: d3b18ad31f93 ("tls: add bpf support to sk_msg handling")
 Fixes: d10523d0b3d7 ("net/tls: free the record on encryption error")
 Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
 Reviewed-by: Simon Horman <simon.horman@netronome.com>
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

 diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
 index 98483c75f095..506cd1091967 100644
 --- a/net/tls/tls_sw.c
 +++ b/net/tls/tls_sw.c
 @@ -767,7 +767,7 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
  	psock = sk_psock_get(sk);
  	if (!psock || !policy) {
  		err = tls_push_record(sk, flags, record_type);
 -		if (err) {
 +		if (err && err != -EINPROGRESS) {
  			*copied -= sk_msg_free(sk, msg);
  			tls_free_open_rec(sk);
  		}
 @@ -796,7 +796,7 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
  	switch (psock->eval) {
  	case __SK_PASS:
  		err = tls_push_record(sk, flags, record_type);
 -		if (err < 0) {
 +		if (err && err != -EINPROGRESS) {
  			*copied -= sk_msg_free(sk, msg);
  			tls_free_open_rec(sk);
  			goto out_err;
 --
 2.7.4
	From 290f3fae31cbe22cac05cef1697477a329f50a86 Mon Sep 17 00:00:00 2001
	From: Jakub Kicinski <jakub.kicinski@netronome.com>
	Date: Fri, 10 Jan 2020 04:38:32 -0800
	Subject: [PATCH] net/tls: fix async operation

	commit db885e66d268884dc72967279b7e84f522556abc upstream.

	Mallesham reports the TLS with async accelerator was broken by
	commit d10523d0b3d7 ("net/tls: free the record on encryption error")
	because encryption can return -EINPROGRESS in such setups, which
	should not be treated as an error.

	The error is also present in the BPF path (likely copied from there).

	Reported-by: Mallesham Jatharakonda <mallesham.jatharakonda@oneconvergence.com>
	Fixes: d3b18ad31f93 ("tls: add bpf support to sk_msg handling")
	Fixes: d10523d0b3d7 ("net/tls: free the record on encryption error")
	Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
	Reviewed-by: Simon Horman <simon.horman@netronome.com>
	Signed-off-by: David S. Miller <davem@davemloft.net>
	Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

	diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
	index 98483c75f095..506cd1091967 100644
	--- a/net/tls/tls_sw.c
	+++ b/net/tls/tls_sw.c
	@@ -767,7 +767,7 @@ static int bpf_exec_tx_verdict(struct sk_msg msg, struct sock sk,
	psock = sk_psock_get(sk);
	if (!psock \|\| !policy) {
	err = tls_push_record(sk, flags, record_type);
	- if (err) {
	+ if (err && err != -EINPROGRESS) {
	*copied -= sk_msg_free(sk, msg);
	tls_free_open_rec(sk);
	}
	@@ -796,7 +796,7 @@ static int bpf_exec_tx_verdict(struct sk_msg msg, struct sock sk,
	switch (psock->eval) {
	case __SK_PASS:
	err = tls_push_record(sk, flags, record_type);
	- if (err < 0) {
	+ if (err && err != -EINPROGRESS) {
	*copied -= sk_msg_free(sk, msg);
	tls_free_open_rec(sk);
	goto out_err;
	--
	2.7.4