This is a note to let you know that I've just added the patch titled
tls: rx: move counting TlsDecryptErrors for sync
to the 5.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
tls-rx-move-counting-tlsdecrypterrors-for-sync.patch
and it can be found in the queue-5.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit c2fb73ea5bd49d8a9c033c57ad6b98af0a162093
Author: Jakub Kicinski <kuba@xxxxxxxxxx>
Date: Mon Apr 11 12:19:10 2022 -0700
tls: rx: move counting TlsDecryptErrors for sync
[ Upstream commit 284b4d93daee56dff3e10029ddf2e03227f50dbf ]
Move counting TlsDecryptErrors to tls_do_decryption()
where differences between sync and async crypto are
reconciled.
No functional changes, this code just always gave
me a pause.
Signed-off-by: Jakub Kicinski <kuba@xxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Stable-dep-of: f7fa16d49837 ("tls: decrement decrypt_pending if no async completion will be called")
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index d3bbae9af9f41..85fa49170b4e5 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -274,6 +274,8 @@ static int tls_do_decryption(struct sock *sk,
ret = crypto_wait_req(ret, &ctx->async_wait);
}
+ if (ret == -EBADMSG)
+ TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSDECRYPTERROR);
if (async)
atomic_dec(&ctx->decrypt_pending);
@@ -1583,8 +1585,6 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
if (err < 0) {
if (err == -EINPROGRESS)
tls_advance_record_sn(sk, prot, &tls_ctx->rx);
- else if (err == -EBADMSG)
- TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSDECRYPTERROR);
return err;
}
