Commit 7a8c4dd9 authored Jan 19, 2018 by Dave Watson Committed by David S. Miller Jan 22, 2018

tls: Correct length of scatterlist in tls_sw_sendpage



The scatterlist is reused by both sendmsg and sendfile.
If a sendmsg of smaller number of pages is followed by a sendfile
of larger number of pages, the scatterlist may be too short, resulting
in a crash in gcm_encrypt.

Add sg_unmark_end to make the list the correct length.

tls_sw_sendmsg already calls sg_unmark_end correctly when it allocates
memory in alloc_sg, or in zerocopy_from_iter.

Signed-off-by: Dave Watson <davejwatson@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 52acf064

net/tls/tls_sw.c

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -577,6 +577,8 @@ int tls_sw_sendpage(struct sock sk, struct page page,
	get_page(page);		get_page(page);
	sg = ctx->sg_plaintext_data + ctx->sg_plaintext_num_elem;		sg = ctx->sg_plaintext_data + ctx->sg_plaintext_num_elem;
	sg_set_page(sg, page, copy, offset);		sg_set_page(sg, page, copy, offset);
			sg_unmark_end(sg);

	ctx->sg_plaintext_num_elem++;		ctx->sg_plaintext_num_elem++;

	sk_mem_charge(sk, copy);		sk_mem_charge(sk, copy);