This is a note to let you know that I've just added the patch titled
net: tls: fix async vs NIC crypto offload
to the 5.15-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
net-tls-fix-async-vs-nic-crypto-offload.patch
and it can be found in the queue-5.15 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From c706b2b5ed74d30436b85cbd8e63e969f6b5873a Mon Sep 17 00:00:00 2001
From: Jakub Kicinski <kuba@xxxxxxxxxx>
Date: Mon, 25 Apr 2022 16:33:09 -0700
Subject: net: tls: fix async vs NIC crypto offload
From: Jakub Kicinski <kuba@xxxxxxxxxx>
commit c706b2b5ed74d30436b85cbd8e63e969f6b5873a upstream.
When NIC takes care of crypto (or the record has already
been decrypted) we forget to update darg->async. ->async
is supposed to mean whether record is async capable on
input and whether record has been queued for async crypto
on output.
Reported-by: Gal Pressman <gal@xxxxxxxxxx>
Fixes: 3547a1f9d988 ("tls: rx: use async as an in-out argument")
Tested-by: Gal Pressman <gal@xxxxxxxxxx>
Link: https://lore.kernel.org/r/20220425233309.344858-1-kuba@xxxxxxxxxx
Signed-off-by: Jakub Kicinski <kuba@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/tls/tls_sw.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1568,6 +1568,7 @@ static int decrypt_skb_update(struct soc
if (tlm->decrypted) {
darg->zc = false;
+ darg->async = false;
return 0;
}
@@ -1578,6 +1579,7 @@ static int decrypt_skb_update(struct soc
if (err > 0) {
tlm->decrypted = 1;
darg->zc = false;
+ darg->async = false;
goto decrypt_done;
}
}
Patches currently in stable-queue which might be from kuba@xxxxxxxxxx are
queue-5.15/mptcp-push-at-dss-boundaries.patch
queue-5.15/igb-extend-ptp-timestamp-adjustments-to-i211.patch
queue-5.15/net-veth-clear-gro-when-clearing-xdp-even-when-down.patch
queue-5.15/netlink-fix-kernel-infoleak-after-free-in-__skb_data.patch
queue-5.15/tls-hw-rx-use-return-value-of-tls_device_decrypted-t.patch
queue-5.15/tls-rx-don-t-store-the-record-type-in-socket-context.patch
queue-5.15/selftests-mptcp-add-missing-kconfig-for-nf-filter.patch
queue-5.15/tls-rx-drop-unnecessary-arguments-from-tls_setup_fro.patch
queue-5.15/tls-rx-use-async-as-an-in-out-argument.patch
queue-5.15/rtnetlink-fix-error-logic-of-ifla_bridge_flags-writi.patch
queue-5.15/tls-rx-factor-out-writing-contenttype-to-cmsg.patch
queue-5.15/uapi-in6-replace-temporary-label-with-rfc9486.patch
queue-5.15/tls-rx-wrap-decryption-arguments-in-a-structure.patch
queue-5.15/selftests-mptcp-add-missing-kconfig-for-nf-filter-in-v6.patch
queue-5.15/net-usb-dm9601-fix-wrong-return-value-in-dm9601_mdio.patch
queue-5.15/tls-rx-refactor-decrypt_skb_update.patch
queue-5.15/tls-rx-don-t-store-the-decryption-status-in-socket-c.patch
queue-5.15/tun-fix-xdp_rxq_info-s-queue_index-when-detaching.patch
queue-5.15/tls-rx-don-t-issue-wake-ups-when-data-is-decrypted.patch
queue-5.15/tls-rx-don-t-report-text-length-from-the-bowels-of-d.patch
queue-5.15/net-ip_tunnel-prevent-perpetual-headroom-growth.patch
queue-5.15/net-tls-fix-async-vs-nic-crypto-offload.patch
queue-5.15/mptcp-fix-possible-deadlock-in-subflow-diag.patch
queue-5.15/veth-try-harder-when-allocating-queue-memory.patch
queue-5.15/mptcp-clean-up-harmless-false-expressions.patch
queue-5.15/tls-rx-don-t-track-the-async-count.patch
queue-5.15/revert-tls-rx-move-counting-tlsdecrypterrors-for-sync.patch
queue-5.15/tls-rx-assume-crypto-always-calls-our-callback.patch
queue-5.15/tls-rx-move-counting-tlsdecrypterrors-for-sync.patch
queue-5.15/lan78xx-enable-auto-speed-configuration-for-lan7850-.patch
queue-5.15/tls-decrement-decrypt_pending-if-no-async-completion.patch
