tls: Stricter error checking in zerocopy sendmsg path

commit 32da12216e467dea70a09cd7094c30779ce0f9db upstream. In the zerocopy sendmsg() path, there are error checks to revert the zerocopy if we get any error code. syzkaller has discovered that tls_push_record can return -ECONNRESET, which is fatal, and happens after the point at which it is safe to revert the iter, as we've already passed the memory to do_tcp_sendpages. Previously this code could return -ENOMEM and we would want to revert the iter, but AFAIK this no longer returns ENOMEM after a447da7d004 ("tls: fix waitall behavior in tls_sw_recvmsg"), so we fail for all error codes. Reported-by: syzbot+c226690f7b3126c5ee04@syzkaller.appspotmail.com Reported-by: syzbot+709f2810a6a05f11d4d3@syzkaller.appspotmail.com Signed-off-by: Dave Watson <davejwatson@fb.com> Fixes: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Dave Watson <davejwatson@fb.com> 2018-07-12 08:03:43 -0700
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-07-22 14:28:49 +0200
commit: 30a7a7b04f8b4e38b1af9acda2a4dd533e260ed2 (patch)
tree: 505954b41bc395db366a535b7e57050b9a8270f3 /net/tls
parent: d9bb71d76c07d287f3904c463d1234e6b7b8049d (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 3c86614462f6..8ee4e667a414 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -449,7 +449,7 @@ alloc_encrypted:
 			ret = tls_push_record(sk, msg->msg_flags, record_type);
 			if (!ret)
 				continue;
-			if (ret == -EAGAIN)
+			if (ret < 0)
 				goto send_end;
 
 			copied -= try_to_copy;
author	Dave Watson <davejwatson@fb.com>	2018-07-12 08:03:43 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-07-22 14:28:49 +0200
commit	30a7a7b04f8b4e38b1af9acda2a4dd533e260ed2 (patch)
tree	505954b41bc395db366a535b7e57050b9a8270f3 /net/tls
parent	d9bb71d76c07d287f3904c463d1234e6b7b8049d (diff)