Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Two cases of overlapping changes, nothing fancy. Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2019-07-08 19:48:57 -0700
committer: David S. Miller <davem@davemloft.net> 2019-07-08 19:48:57 -0700
commit: af144a983402f7fd324ce556d9f9011a8b3e01fe (patch)
tree: 7a0250b960a36976bc683789d9fe86b9f60a97a5 /net/tls
parent: 6413139dfc641aaaa30580b59696a5f7ea274194 (diff)
parent: e858faf556d4e14c750ba1e8852783c6f9520a0e (diff)
download: linux-af144a983402f7fd324ce556d9f9011a8b3e01fe.tar.gz
3 files changed, 13 insertions, 4 deletions
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 40076f423dcb..92fd1352c037 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -61,7 +61,7 @@ static void tls_device_free_ctx(struct tls_context *ctx)
 	if (ctx->rx_conf == TLS_HW)
 		kfree(tls_offload_ctx_rx(ctx));
 
-	kfree(ctx);
+	tls_ctx_free(ctx);
 }
 
 static void tls_device_gc_task(struct work_struct *work)
@@ -853,6 +853,11 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
 	}
 
 	crypto_info = &ctx->crypto_send.info;
+	if (crypto_info->version != TLS_1_2_VERSION) {
+		rc = -EOPNOTSUPP;
+		goto free_offload_ctx;
+	}
+
 	switch (crypto_info->cipher_type) {
 	case TLS_CIPHER_AES_GCM_128:
 		nonce_size = TLS_CIPHER_AES_GCM_128_IV_SIZE;
@@ -993,6 +998,9 @@ int tls_set_device_offload_rx(struct sock *sk, struct tls_context *ctx)
 	struct net_device *netdev;
 	int rc = 0;
 
+	if (ctx->crypto_recv.info.version != TLS_1_2_VERSION)
+		return -EOPNOTSUPP;
+
 	/* We support starting offload on multiple sockets
 	 * concurrently, so we only need a read lock here.
 	 * This lock must precede get_netdev_for_sock to prevent races between
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index e2b69e805d46..4674e57e66b0 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@ -251,7 +251,7 @@ static void tls_write_space(struct sock *sk)
 	ctx->sk_write_space(sk);
 }
 
-static void tls_ctx_free(struct tls_context *ctx)
+void tls_ctx_free(struct tls_context *ctx)
 {
 	if (!ctx)
 		return;
@@ -643,7 +643,7 @@ static void tls_hw_sk_destruct(struct sock *sk)
 
 	ctx->sk_destruct(sk);
 	/* Free ctx */
-	kfree(ctx);
+	tls_ctx_free(ctx);
 	icsk->icsk_ulp_data = NULL;
 }
 
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index db585964b52b..53b4ad94e74a 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1959,7 +1959,8 @@ bool tls_sw_stream_read(const struct sock *sk)
 		ingress_empty = list_empty(&psock->ingress_msg);
 	rcu_read_unlock();
 
-	return !ingress_empty || ctx->recv_pkt;
+	return !ingress_empty || ctx->recv_pkt ||
+		!skb_queue_empty(&ctx->rx_list);
 }
 
 static int tls_read_size(struct strparser *strp, struct sk_buff *skb)
author	David S. Miller <davem@davemloft.net>	2019-07-08 19:48:57 -0700
committer	David S. Miller <davem@davemloft.net>	2019-07-08 19:48:57 -0700
commit	af144a983402f7fd324ce556d9f9011a8b3e01fe (patch)
tree	7a0250b960a36976bc683789d9fe86b9f60a97a5 /net/tls
parent	6413139dfc641aaaa30580b59696a5f7ea274194 (diff)
parent	e858faf556d4e14c750ba1e8852783c6f9520a0e (diff)
download	linux-af144a983402f7fd324ce556d9f9011a8b3e01fe.tar.gz