Commit c43ac97b authored by Jakub Kicinski's avatar Jakub Kicinski Committed by David S. Miller
Browse files

net: tls: prevent false connection termination with offload 



Only decrypt_internal() performs zero copy on rx, all paths
which don't hit decrypt_internal() must set zc to false,
otherwise tls_sw_recvmsg() may return 0 causing the application
to believe that that connection got closed.

Currently this happens with device offload when new record
is first read from.

Fixes: d069b780 ("tls: Fix tls_device receive")
Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: default avatarSimon Horman <simon.horman@netronome.com>
Reported-by: default avatarDavid Beckett <david.beckett@netronome.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 1b704c4a

net/tls/tls_sw.c

+2 −0
Original line number Diff line number Diff line
@@ -1484,6 +1484,8 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb, 


				return err;

			}

		} else {

			*zc = false;

		}



		rxm->full_len -= padding_length(ctx, tls_ctx, skb);

CRA Git | Maintained and supported by SUSTech CRA and CCSE