summaryrefslogtreecommitdiff
path: root/include/net
diff options
context:
space:
mode:
authorVakul Garg <vakul.garg@nxp.com>2019-02-23 08:42:37 +0000
committerDavid S. Miller <davem@davemloft.net>2019-02-24 21:58:38 -0800
commit2b794c4098b525836e37d16045abee3091fdfe18 (patch)
tree476aca6dc1cebe77ab8f602b3f3427cbc5b6eb28 /include/net
parent2bdeb8e5bd7b63cb6a5e341178840fd92f61c4de (diff)
tls: Return type of non-data records retrieved using MSG_PEEK in recvmsg
The patch enables returning 'type' in msghdr for records that are retrieved with MSG_PEEK in recvmsg. Further it prevents records peeked from socket from getting clubbed with any other record of different type when records are subsequently dequeued from strparser. For each record, we now retain its type in sk_buff's control buffer cb[]. Inside control buffer, record's full length and offset are already stored by strparser in 'struct strp_msg'. We store record type after 'struct strp_msg' inside 'struct tls_msg'. For tls1.2, the type is stored just after record dequeue. For tls1.3, the type is stored after record has been decrypted. Inside process_rx_list(), before processing a non-data record, we check that we must be able to return back the record type to the user application. If not, the decrypted records in tls context's rx_list is left there without consuming any data. Fixes: 692d7b5d1f912 ("tls: Fix recvmsg() to be able to peek across multiple records") Signed-off-by: Vakul Garg <vakul.garg@nxp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/tls.h10
1 files changed, 10 insertions, 0 deletions
diff --git a/include/net/tls.h b/include/net/tls.h
index a8b37226a287..9f4117ae2297 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -129,6 +129,11 @@ struct tls_rec {
u8 aead_req_ctx[];
};
+struct tls_msg {
+ struct strp_msg rxm;
+ u8 control;
+};
+
struct tx_work {
struct delayed_work work;
struct sock *sk;
@@ -333,6 +338,11 @@ int tls_push_partial_record(struct sock *sk, struct tls_context *ctx,
int tls_push_pending_closed_record(struct sock *sk, struct tls_context *ctx,
int flags, long *timeo);
+static inline struct tls_msg *tls_msg(struct sk_buff *skb)
+{
+ return (struct tls_msg *)strp_msg(skb);
+}
+
static inline bool tls_is_pending_closed_record(struct tls_context *ctx)
{
return test_bit(TLS_PENDING_CLOSED_RECORD, &ctx->flags);