Merge: net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict()

MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/3383 JIRA: https://issues.redhat.com/browse/RHEL-16719 CVE: CVE-2023-6176 commit cfaa80c91f6f99b9342b6557f0f0e1143e434066 Author: Liu Jian <liujian56@huawei.com> Date: Sat Sep 9 16:14:34 2023 +0800 net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() Signed-off-by: Sabrina Dubroca <sdubroca@redhat.com> Approved-by: Antoine Tenart <atenart@redhat.com> Approved-by: Xin Long <lxin@redhat.com> Signed-off-by: Scott Weaver <scweaver@redhat.com>
2023-12-12 12:42:09 -05:00 · 2023-12-12 12:42:09 -05:00 · 45a7872f46
parent e3fcf3c6db e8d4a48d0f
commit 45a7872f46
1 changed files with 2 additions and 2 deletions
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@ -802,7 +802,7 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
 	psock = sk_psock_get(sk);
 	if (!psock || !policy) {
 		err = tls_push_record(sk, flags, record_type);
-		if (err && sk->sk_err == EBADMSG) {
+		if (err && err != -EINPROGRESS && sk->sk_err == EBADMSG) {
 			*copied -= sk_msg_free(sk, msg);
 			tls_free_open_rec(sk);
 			err = -sk->sk_err;
@ -831,7 +831,7 @@ more_data:
 	switch (psock->eval) {
 	case __SK_PASS:
 		err = tls_push_record(sk, flags, record_type);
-		if (err && sk->sk_err == EBADMSG) {
+		if (err && err != -EINPROGRESS && sk->sk_err == EBADMSG) {
 			*copied -= sk_msg_free(sk, msg);
 			tls_free_open_rec(sk);
 			err = -sk->sk_err;