author | Jakub Kicinski <kuba@kernel.org> | 2022-07-14 22:22:28 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2022-07-18 11:24:10 +0100 |
commit | 53d57999fe02785040bc53e2f12efc881f13ae17 (patch) | |
tree | 8742ebd402570e9e39927951eca26a6b2274c091 | |
parent | abb47dc95dc6e551ca79f51d296e77878fafa4d8 (diff) |
tls: rx: remove the message decrypted tracking
We no longer allow a decrypted skb to remain linked to ctx->recv_pkt.
Anything on the list is decrypted, anything on ctx->recv_pkt needs
to be decrypted.
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | include/net/strparser.h | 1 | ||||
-rw-r--r-- | net/tls/tls_sw.c | 10 |
2 files changed, 0 insertions, 11 deletions
diff --git a/include/net/strparser.h b/include/net/strparser.h
index 88900b05443e..41e2ce9e9e10 100644
--- a/include/net/strparser.h
+++ b/include/net/strparser.h
@@ -72,7 +72,6 @@ struct sk_skb_cb {
 /* strp users' data follows */
 struct tls_msg {
 u8 control;
- u8 decrypted;
 } tls;
 /* temp_reg is a temporary register used for bpf_convert_data_end_access
 * when dst_reg == src_reg.
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index f5f06d1ba024..49cfaa8119c6 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1563,21 +1563,13 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
 struct tls_context *tls_ctx = tls_get_ctx(sk);
 struct tls_prot_info *prot = &tls_ctx->prot_info;
 struct strp_msg *rxm = strp_msg(skb);
- struct tls_msg *tlm = tls_msg(skb);
 int pad, err;

- if (tlm->decrypted) {
- darg->zc = false;
- darg->async = false;
- return 0;
- }
-
 if (tls_ctx->rx_conf == TLS_HW) {
 err = tls_device_decrypted(sk, tls_ctx, skb, rxm);
 if (err < 0)
 return err;
 if (err > 0) {
- tlm->decrypted = 1;
 darg->zc = false;
 darg->async = false;
 goto decrypt_done;
@@ -1610,7 +1602,6 @@ decrypt_done:
 rxm->full_len -= pad;
 rxm->offset += prot->prepend_size;
 rxm->full_len -= prot->overhead_size;
- tlm->decrypted = 1;
 decrypt_next:
 tls_advance_record_sn(sk, prot, &tls_ctx->rx);

@@ -2130,7 +2121,6 @@ static int tls_read_size(struct strparser *strp, struct sk_buff *skb)
 if (ret < 0)
 goto read_failure;

- tlm->decrypted = 0;
 tlm->control = header[0];

 data_len = ((header[4] & 0xFF) | (header[3] << 8));
|