From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E4DCC433DF for ; Wed, 20 May 2020 08:42:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 354CE207D3 for ; Wed, 20 May 2020 08:42:21 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=novek.ru header.i=@novek.ru header.b="zO55wsSv" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726754AbgETImU (ORCPT ); Wed, 20 May 2020 04:42:20 -0400 Received: from novek.ru ([213.148.174.62]:52270 "EHLO novek.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726224AbgETImT (ORCPT ); Wed, 20 May 2020 04:42:19 -0400 Received: from nat1.ooonet.ru (gw.zelenaya.net [91.207.137.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by novek.ru (Postfix) with ESMTPSA id CB262502976; Wed, 20 May 2020 11:42:14 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 novek.ru CB262502976 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=novek.ru; s=mail; t=1589964135; bh=OMrVTKV8ndyhJ+06po5LR5h9pOs942Ga5brcCyon0Bk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=zO55wsSveBM6POwwBH2ZMbkiYDYD+JhD0PAmZlRZY/BU06hXYz5HJhceSjRprGCjn 6qXLqG1wGd1XOkPhNxe3oeXb0JxNixsC5Gzh3/VtqgMXxmC8o8+B5PU92VOzQ/iDF9 SOB2AMvDsjnSgm8AVy41mh2f8ykMn7T+uaBscYwE= From: Vadim Fedorenko To: Jakub Kicinski , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Cc: "David S. Miller" , netdev@vger.kernel.org, Vadim Fedorenko Subject: [net v3 2/2] net/tls: free record only on encryption error Date: Wed, 20 May 2020 11:41:44 +0300 Message-Id: <1589964104-9941-3-git-send-email-vfedorenko@novek.ru> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1589964104-9941-1-git-send-email-vfedorenko@novek.ru> References: <1589964104-9941-1-git-send-email-vfedorenko@novek.ru> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org We cannot free record on any transient error because it leads to losing previos data. Check socket error to know whether record must be freed or not. Fixes: d10523d0b3d7 ("net/tls: free the record on encryption error") Signed-off-by: Vadim Fedorenko --- net/tls/tls_sw.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index e61c024..cb72abe 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -798,9 +798,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk, psock = sk_psock_get(sk); if (!psock || !policy) { err = tls_push_record(sk, flags, record_type); - if (err && err != -EINPROGRESS) { + if (err && sk->sk_err == EBADMSG) { *copied -= sk_msg_free(sk, msg); tls_free_open_rec(sk); + err = -sk->sk_err; } if (psock) sk_psock_put(sk, psock); @@ -826,9 +827,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk, switch (psock->eval) { case __SK_PASS: err = tls_push_record(sk, flags, record_type); - if (err && err != -EINPROGRESS) { + if (err && sk->sk_err == EBADMSG) { *copied -= sk_msg_free(sk, msg); tls_free_open_rec(sk); + err = -sk->sk_err; goto out_err; } break; -- 1.8.3.1