Skip to content

Commit

Permalink
tls: rx: fix the false positive warning
Browse files Browse the repository at this point in the history
I went too far in the accessor conversion, we can't use tls_strp_msg()
after decryption because the message may not be ready. What we care
about on this path is that the output skb is detached, i.e. we didn't
somehow just turn around and used the input skb with its TCP data
still attached. So look at the anchor directly.

Fixes: 84c61fe ("tls: rx: do not use the standard strparser")
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
  • Loading branch information
Jakub Kicinski committed Jul 29, 2022
1 parent d11ef9c commit e20691f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/tls/tls_sw.c
Original file line number Diff line number Diff line change
Expand Up @@ -2026,7 +2026,7 @@ int tls_sw_recvmsg(struct sock *sk,
bool partially_consumed = chunk > len;
struct sk_buff *skb = darg.skb;

DEBUG_NET_WARN_ON_ONCE(darg.skb == tls_strp_msg(ctx));
DEBUG_NET_WARN_ON_ONCE(darg.skb == ctx->strp.anchor);

if (async) {
/* TLS 1.2-only, to_decrypt must be text len */
Expand Down

0 comments on commit e20691f

Please sign in to comment.