git.baikalelectronics.ru Git - kernel.git/commit

author	Rohit Maheshwari <rohitm@chelsio.com>
	Wed, 19 Feb 2020 04:10:22 +0000 (09:40 +0530)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 5 Mar 2020 15:43:32 +0000 (16:43 +0100)
commit	4bdeb94e4b2cc73195b8dd706a9a74e67f932b1e
tree	fbfe96bfeec1e524a6451491591f3754ff07cef4	tree \| snapshot
parent	16d12e94bab7990f04df3a609af20adb8f19378f	commit \| diff

net/tls: Fix to avoid gettig invalid tls record

[ Upstream commit 67e1041ac9e9e2fb259dc37681fdb181e9b87619 ]

Current code doesn't check if tcp sequence number is starting from (/after)
1st record's start sequnce number. It only checks if seq number is before
1st record's end sequnce number. This problem will always be a possibility
in re-transmit case. If a record which belongs to a requested seq number is
already deleted, tls_get_record will start looking into list and as per the
check it will look if seq number is before the end seq of 1st record, which
will always be true and will return 1st record always, it should in fact
return NULL.
As part of the fix, start looking each record only if the sequence number
lies in the list else return NULL.
There is one more check added, driver look for the start marker record to
handle tcp packets which are before the tls offload start sequence number,
hence return 1st record if the record is tls start marker and seq number is
before the 1st record's starting sequence number.

Fixes: e31ec02c9978 ("net/tls: Add generic NIC offload infrastructure")
Signed-off-by: Rohit Maheshwari <rohitm@chelsio.com>
Reviewed-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>