Commit 520493f6 authored by Jakub Kicinski's avatar Jakub Kicinski

tls: splice_read: fix record type check

We don't support splicing control records. TLS 1.3 changes moved
the record type check into the decrypt if(). The skb may already
be decrypted and still be an alert.

Note that decrypt_skb_update() is idempotent and updates ctx->decrypted
so the if() is pointless.

Reorder the check for decryption errors with the content type check
while touching them. This part is not really a bug, because if
decryption failed in TLS 1.3 content type will be DATA, and for
TLS 1.2 it will be correct. Nevertheless its strange to touch output
before checking if the function has failed.

Fixes: fedf201e ("net: tls: Refactor control message handling on recv")
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent ef0fc0b3
...@@ -2018,21 +2018,18 @@ ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos, ...@@ -2018,21 +2018,18 @@ ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos,
if (!skb) if (!skb)
goto splice_read_end; goto splice_read_end;
if (!ctx->decrypted) { err = decrypt_skb_update(sk, skb, NULL, &chunk, &zc, false);
err = decrypt_skb_update(sk, skb, NULL, &chunk, &zc, false); if (err < 0) {
tls_err_abort(sk, -EBADMSG);
/* splice does not support reading control messages */ goto splice_read_end;
if (ctx->control != TLS_RECORD_TYPE_DATA) { }
err = -EINVAL;
goto splice_read_end;
}
if (err < 0) { /* splice does not support reading control messages */
tls_err_abort(sk, -EBADMSG); if (ctx->control != TLS_RECORD_TYPE_DATA) {
goto splice_read_end; err = -EINVAL;
} goto splice_read_end;
ctx->decrypted = 1;
} }
rxm = strp_msg(skb); rxm = strp_msg(skb);
chunk = min_t(unsigned int, rxm->full_len, len); chunk = min_t(unsigned int, rxm->full_len, len);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment