Commit 3fe16edf authored by Vadim Fedorenko's avatar Vadim Fedorenko Committed by Jakub Kicinski

net/tls: fix corrupted data in recvmsg

If tcp socket has more data than Encrypted Handshake Message then
tls_sw_recvmsg will try to decrypt next record instead of returning
full control message to userspace as mentioned in comment. The next
message - usually Application Data - gets corrupted because it uses
zero copy for decryption that's why the data is not stored in skb
for next iteration. Revert check to not decrypt next record if
current is not Application Data.

Fixes: 692d7b5d ("tls: Fix recvmsg() to be able to peek across multiple records")
Signed-off-by: default avatarVadim Fedorenko <vfedorenko@novek.ru>
Link: https://lore.kernel.org/r/1605413760-21153-1-git-send-email-vfedorenko@novek.ruSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent fc70f5bf
......@@ -1913,7 +1913,7 @@ int tls_sw_recvmsg(struct sock *sk,
* another message type
*/
msg->msg_flags |= MSG_EOR;
if (ctx->control != TLS_RECORD_TYPE_DATA)
if (control != TLS_RECORD_TYPE_DATA)
goto recv_end;
} else {
break;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment