leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
97e1caa517
linux/net/tls
History
Jakub Kicinski 97e1caa517 net/tls: don't copy negative amounts of data in reencrypt 
There is no guarantee the record starts before the skb frags.
If we don't check for this condition copy amount will get
negative, leading to reads and writes to random memory locations.
Familiar hilarity ensues.

Fixes: 4799ac81e5 ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: John Hurley <john.hurley@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-04-27 20:17:19 -04:00
..
Kconfig tls: convert to generic sk_msg interface 2018-10-15 12:23:19 -07:00
Makefile net/tls: Add generic NIC offload infrastructure 2018-05-01 09:42:47 -04:00
tls_device_fallback.c net/tls: fix refcount adjustment in fallback 2019-04-18 16:51:03 -07:00
tls_device.c net/tls: don't copy negative amounts of data in reencrypt 2019-04-27 20:17:19 -04:00
tls_main.c net/tls: don't leak IV and record seq when offload fails 2019-04-20 20:36:51 -07:00
tls_sw.c net/tls: don't leak IV and record seq when offload fails 2019-04-20 20:36:51 -07:00