Skip to content

Commit 635d939

Browse files
vvfedorenkodavem330
authored andcommitted
net/tls: free record only on encryption error
We cannot free record on any transient error because it leads to losing previos data. Check socket error to know whether record must be freed or not. Fixes: d10523d ("net/tls: free the record on encryption error") Signed-off-by: Vadim Fedorenko <[email protected]> Signed-off-by: David S. Miller <[email protected]>
1 parent a7bff11 commit 635d939

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

net/tls/tls_sw.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -796,9 +796,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
796796
psock = sk_psock_get(sk);
797797
if (!psock || !policy) {
798798
err = tls_push_record(sk, flags, record_type);
799-
if (err && err != -EINPROGRESS) {
799+
if (err && sk->sk_err == EBADMSG) {
800800
*copied -= sk_msg_free(sk, msg);
801801
tls_free_open_rec(sk);
802+
err = -sk->sk_err;
802803
}
803804
if (psock)
804805
sk_psock_put(sk, psock);
@@ -824,9 +825,10 @@ static int bpf_exec_tx_verdict(struct sk_msg *msg, struct sock *sk,
824825
switch (psock->eval) {
825826
case __SK_PASS:
826827
err = tls_push_record(sk, flags, record_type);
827-
if (err && err != -EINPROGRESS) {
828+
if (err && sk->sk_err == EBADMSG) {
828829
*copied -= sk_msg_free(sk, msg);
829830
tls_free_open_rec(sk);
831+
err = -sk->sk_err;
830832
goto out_err;
831833
}
832834
break;

0 commit comments

Comments
 (0)