summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVakul Garg <vakul.garg@nxp.com>2019-02-09 07:53:28 +0000
committerDavid S. Miller <davem@davemloft.net>2019-02-09 09:27:49 -0800
commit8497ded2d16caabad1d9be7e7ec9b085e48ddfe4 (patch)
tree665a121c5bcb7ef224816e9cc84142e94a49aa84
parent3b5e74e0afe3382f9354b657714ac40673b7c597 (diff)
net/tls: Disable async decrytion for tls1.3
Function tls_sw_recvmsg() dequeues multiple records from stream parser and decrypts them. In case the decryption is done by async accelerator, the records may get submitted for decryption while the previous ones may not have been decryted yet. For tls1.3, the record type is known only after decryption. Therefore, for tls1.3, tls_sw_recvmsg() may submit records for decryption even if it gets 'handshake' records after 'data' records. These intermediate 'handshake' records may do a key updation. By the time new keys are given to ktls by userspace, it is possible that ktls has already submitted some records i(which are encrypted with new keys) for decryption using old keys. This would lead to decrypt failure. Therefore, async decryption of records should be disabled for tls1.3. Fixes: 130b392c6cd6b ("net: tls: Add tls 1.3 support") Signed-off-by: Vakul Garg <vakul.garg@nxp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/tls/tls_sw.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 8051a9164139..fe8c287cbaa1 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -2215,8 +2215,12 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
if (sw_ctx_rx) {
tfm = crypto_aead_tfm(sw_ctx_rx->aead_recv);
- sw_ctx_rx->async_capable =
- tfm->__crt_alg->cra_flags & CRYPTO_ALG_ASYNC;
+
+ if (crypto_info->version == TLS_1_3_VERSION)
+ sw_ctx_rx->async_capable = false;
+ else
+ sw_ctx_rx->async_capable =
+ tfm->__crt_alg->cra_flags & CRYPTO_ALG_ASYNC;
/* Set up strparser */
memset(&cb, 0, sizeof(cb));