• Jakub Kicinski's avatar
    tls: rx: read the input skb from ctx->recv_pkt · 541cc48b
    Jakub Kicinski authored
    Callers always pass ctx->recv_pkt into decrypt_skb_update(),
    and it propagates it to its callees. This may give someone
    the false impression that those functions can accept any valid
    skb containing a TLS record. That's not the case, the record
    sequence number is read from the context, and they can only
    take the next record coming out of the strp.
    
    Let the functions get the skb from the context instead of
    passing it in. This will also make it cleaner to return
    a different skb than ctx->recv_pkt as the decrypted one
    later on.
    
    Since we're touching the definition of decrypt_skb_update()
    use this as an opportunity to rename it.
    Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    541cc48b
tls_device.c 36.8 KB