Skip to content

Commit

Permalink
net/tls: fix corrupted data in recvmsg
Browse files Browse the repository at this point in the history 
[ Upstream commit 3fe16ed ]

If tcp socket has more data than Encrypted Handshake Message then
tls_sw_recvmsg will try to decrypt next record instead of returning
full control message to userspace as mentioned in comment. The next
message - usually Application Data - gets corrupted because it uses
zero copy for decryption that's why the data is not stored in skb
for next iteration. Revert check to not decrypt next record if
current is not Application Data.

Fixes: 692d7b5 ("tls: Fix recvmsg() to be able to peek across multiple records")
Signed-off-by: Vadim Fedorenko <vfedorenko@novek.ru>
Link: https://lore.kernel.org/r/1605413760-21153-1-git-send-email-vfedorenko@novek.ru
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  • Loading branch information
@vvfedorenko @gregkh
vvfedorenko authored and gregkh committed Nov 24, 2020
1 parent 108cb4f commit 8b380dd
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/tls/tls_sw.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1913,7 +1913,7 @@ int tls_sw_recvmsg(struct sock *sk,
* another message type
*/
msg->msg_flags |= MSG_EOR;
if (ctx->control != TLS_RECORD_TYPE_DATA)
if (control != TLS_RECORD_TYPE_DATA)
goto recv_end;
} else {
break;
Expand Down

0 comments on commit 8b380dd

Please sign in to comment.