Backport fix commit ("tls: fix race between async notify and socket close") for CVE-2024-26583 [1].
It's dependent on three tls commits being used to simplify and factor out async waiting.
They also benefit backporting fix commit ("net: tls: handle backlogging of crypto requests")
for CVE-2024-26584 [2]. Therefore, add them for clean backport:
Jakub Kicinski (4):
tls: rx: simplify async wait
net: tls: factor out tls_*crypt_async_wait()
tls: fix race between async notify and socket close
net: tls: handle backlogging of crypto requests
Sabrina Dubroca (1):
tls: extract context alloc/initialization out of tls_set_sw_offload
Please review and consider applying these patches.
[1] https://lore.kernel.org/all/2024022146-traction-unjustly-f451@gregkh/
[2] https://lore.kernel.org/all/2024022148-showpiece-yanking-107c@gregkh/
include/net/tls.h | 6 --
net/tls/tls_sw.c | 199 ++++++++++++++++++++++++----------------------
2 files changed, 106 insertions(+), 99 deletions(-)
--
2.40.1
