This is a note to let you know that I've just added the patch titled net/tls: Fix inverted error codes to avoid endless loop to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: net-tls-fix-inverted-error-codes-to-avoid-endless-loop.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From foo@baz Sun Jan 28 17:35:08 CET 2018 From: "r.hering@xxxxxx" <r.hering@xxxxxx> Date: Fri, 12 Jan 2018 15:42:06 +0100 Subject: net/tls: Fix inverted error codes to avoid endless loop From: "r.hering@xxxxxx" <r.hering@xxxxxx> [ Upstream commit 30be8f8dba1bd2aff73e8447d59228471233a3d4 ] sendfile() calls can hang endless with using Kernel TLS if a socket error occurs. Socket error codes must be inverted by Kernel TLS before returning because they are stored with positive sign. If returned non-inverted they are interpreted as number of bytes sent, causing endless looping of the splice mechanic behind sendfile(). Signed-off-by: Robert Hering <r.hering@xxxxxx> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- include/net/tls.h | 2 +- net/tls/tls_sw.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) --- a/include/net/tls.h +++ b/include/net/tls.h @@ -168,7 +168,7 @@ static inline bool tls_is_pending_open_r static inline void tls_err_abort(struct sock *sk) { - sk->sk_err = -EBADMSG; + sk->sk_err = EBADMSG; sk->sk_error_report(sk); } --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -407,7 +407,7 @@ int tls_sw_sendmsg(struct sock *sk, stru while (msg_data_left(msg)) { if (sk->sk_err) { - ret = sk->sk_err; + ret = -sk->sk_err; goto send_end; } @@ -560,7 +560,7 @@ int tls_sw_sendpage(struct sock *sk, str size_t copy, required_size; if (sk->sk_err) { - ret = sk->sk_err; + ret = -sk->sk_err; goto sendpage_end; } Patches currently in stable-queue which might be from r.hering@xxxxxx are queue-4.14/net-tls-fix-inverted-error-codes-to-avoid-endless-loop.patch