git.baikalelectronics.ru Git - kernel.git/commit

author	Jakub Kicinski <kuba@kernel.org>
	Tue, 5 Jul 2022 23:59:23 +0000 (16:59 -0700)
committer	David S. Miller <davem@davemloft.net>
	Wed, 6 Jul 2022 11:56:35 +0000 (12:56 +0100)
commit	1ee43917ccd04266110bfc25aa4b0682ffdabe56
tree	bc988ed5ef9f3a025aa4fa69d3f4cf41e42e1fbd	tree \| snapshot
parent	62862e3ca0975a60b9249a35e6ea9645e332e6de	commit \| diff

tls: rx: support optimistic decrypt to user buffer with TLS 1.3

We currently don't support decrypt to user buffer with TLS 1.3
because we don't know the record type and how much padding
record contains before decryption. In practice data records
are by far most common and padding gets used rarely so
we can assume data record, no padding, and if we find out
that wasn't the case - retry the crypto in place (decrypt
to skb).

To safeguard from user overwriting content type and padding
before we can check it attach a 1B sg entry where last byte
of the record will land.

Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>