From 9675d8895abe8f56ffcff69ce5b50e8a32b7c991 Mon Sep 17 00:00:00 2001
From: Andrew Gallatin <gallatin@FreeBSD.org>
Date: Fri, 4 Sep 2020 17:36:15 +0000
Subject: [PATCH] ktls: Check for a NULL send tag in ktls_cleanup()

When using ifnet ktls, and when ktls_reset_send_tag()
fails to allocate a replacement tag, it leaves
the tls session's snd_tag pointer NULL. ktls_cleanup()
tries to release the send tag, and will trip over
this NULL pointer and panic unless NULL is checked for.

Reviewed by:	jhb
Sponsored by:	Netflix
---
 sys/kern/uipc_ktls.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c
index 71bbcc7110f..6749a881200 100644
--- a/sys/kern/uipc_ktls.c
+++ b/sys/kern/uipc_ktls.c
@@ -680,7 +680,8 @@ ktls_cleanup(struct ktls_session *tls)
 			counter_u64_add(ktls_ifnet_gcm, -1);
 			break;
 		}
-		m_snd_tag_rele(tls->snd_tag);
+		if (tls->snd_tag != NULL)
+			m_snd_tag_rele(tls->snd_tag);
 		break;
 #ifdef TCP_OFFLOAD
 	case TCP_TLS_MODE_TOE: