upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-28 04:12:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

tcp: don't use KTLS socket option on listening sockets

Browse source 
KTLS socket options make use of socket buffers, which are not
available for listening sockets.

Reported by:		syzbot+a8829e888a93a4a04619@syzkaller.appspotmail.com
Reviewed by:		jhb@
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D27948
This commit is contained in:
Michael Tuexen 2021-01-08 08:51:39 +01:00
parent da77382f55
commit 6685e259e3
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
sys/kern/uipc_ktls.c
View file

@ -1014,6 +1014,8 @@ ktls_enable_rx(struct socket *so, struct tls_enable *en)
if (!ktls_offload_enable)
return (ENOTSUP);
if (SOLISTENING(so))
return (EINVAL);
counter_u64_add(ktls_offload_enable_calls, 1);
@ -1079,6 +1081,8 @@ ktls_enable_tx(struct socket *so, struct tls_enable *en)
if (!ktls_offload_enable)
return (ENOTSUP);
if (SOLISTENING(so))
return (EINVAL);
counter_u64_add(ktls_offload_enable_calls, 1);
@ -1155,6 +1159,8 @@ ktls_get_rx_mode(struct socket *so)
struct inpcb *inp;
int mode;
if (SOLISTENING(so))
return (EINVAL);
inp = so->so_pcb;
INP_WLOCK_ASSERT(inp);
SOCKBUF_LOCK(&so->so_rcv);
@ -1174,6 +1180,8 @@ ktls_get_tx_mode(struct socket *so)
struct inpcb *inp;
int mode;
if (SOLISTENING(so))
return (EINVAL);
inp = so->so_pcb;
INP_WLOCK_ASSERT(inp);
SOCKBUF_LOCK(&so->so_snd);
@ -1196,6 +1204,8 @@ ktls_set_tx_mode(struct socket *so, int mode)
struct inpcb *inp;
int error;
if (SOLISTENING(so))
return (EINVAL);
switch (mode) {
case TCP_TLS_MODE_SW:
case TCP_TLS_MODE_IFNET: