[SRU,M,1/1] net: tls, update curr on splice as well

Message ID	20240129213023.1228125-3-magali.lemes@canonical.com
State	New
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Magali Lemes <magali.lemes@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][M][PATCH 1/1] net: tls, update curr on splice as well Date: Mon, 29 Jan 2024 18:30:23 -0300 Message-Id: <20240129213023.1228125-3-magali.lemes@canonical.com> In-Reply-To: <20240129213023.1228125-1-magali.lemes@canonical.com> References: <20240129213023.1228125-1-magali.lemes@canonical.com> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	[SRU,M,1/1] net: tls, update curr on splice as well \| expand [SRU,M,1/1] net: tls, update curr on splice as well

Message ID

20240129213023.1228125-3-magali.lemes@canonical.com

State

New

Headers

From: Magali Lemes <magali.lemes@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][M][PATCH 1/1] net: tls, update curr on splice as well
Date: Mon, 29 Jan 2024 18:30:23 -0300
Message-Id: <20240129213023.1228125-3-magali.lemes@canonical.com>
In-Reply-To: <20240129213023.1228125-1-magali.lemes@canonical.com>
References: <20240129213023.1228125-1-magali.lemes@canonical.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

[SRU,M,1/1] net: tls, update curr on splice as well | expand

Commit Message

Magali Lemes Jan. 29, 2024, 9:30 p.m. UTC

From: John Fastabend <john.fastabend@gmail.com>

The curr pointer must also be updated on the splice similar to how
we do this for other copy types.

Fixes: d829e9c4112b ("tls: convert to generic sk_msg interface")
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Reported-by: Jann Horn <jannh@google.com>
Link: https://lore.kernel.org/r/20231206232706.374377-2-john.fastabend@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(cherry picked from commit c5a595000e2677e865a39f249c056bc05d6e55fd)
CVE-2024-0646
Signed-off-by: Magali Lemes <magali.lemes@canonical.com>
---
 net/tls/tls_sw.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index ce925f3a5249..63bce5e43589 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -952,6 +952,8 @@  static int tls_sw_sendmsg_splice(struct sock *sk, struct msghdr *msg,
 		}
 
 		sk_msg_page_add(msg_pl, page, part, off);
+		msg_pl->sg.copybreak = 0;
+		msg_pl->sg.curr = msg_pl->sg.end;
 		sk_mem_charge(sk, part);
 		*copied += part;
 		try_to_copy -= part;

[SRU,M,1/1] net: tls, update curr on splice as well

Commit Message

Patch