Commit e20691fa authored by Jakub Kicinski's avatar Jakub Kicinski

tls: rx: fix the false positive warning

I went too far in the accessor conversion, we can't use tls_strp_msg()
after decryption because the message may not be ready. What we care
about on this path is that the output skb is detached, i.e. we didn't
somehow just turn around and used the input skb with its TCP data
still attached. So look at the anchor directly.

Fixes: 84c61fe1 ("tls: rx: do not use the standard strparser")
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent d11ef9cc
...@@ -2026,7 +2026,7 @@ int tls_sw_recvmsg(struct sock *sk, ...@@ -2026,7 +2026,7 @@ int tls_sw_recvmsg(struct sock *sk,
bool partially_consumed = chunk > len; bool partially_consumed = chunk > len;
struct sk_buff *skb = darg.skb; struct sk_buff *skb = darg.skb;
DEBUG_NET_WARN_ON_ONCE(darg.skb == tls_strp_msg(ctx)); DEBUG_NET_WARN_ON_ONCE(darg.skb == ctx->strp.anchor);
if (async) { if (async) {
/* TLS 1.2-only, to_decrypt must be text len */ /* TLS 1.2-only, to_decrypt must be text len */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment