On Fri, Aug 02, 2024 at 04:39:31AM -0700, Harshit Mogalapalli wrote:
From: Jakub Kicinski kuba@kernel.org
commit e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdb upstream.
Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling the work before calling complete(). This seems more logical in the first place, as it's the inverse order of what the submitting thread will do.
Reported-by: valis sec@valis.email Fixes: a42055e8d2c3 ("net/tls: Add support for async encryption of records for performance") Signed-off-by: Jakub Kicinski kuba@kernel.org Reviewed-by: Simon Horman horms@kernel.org Reviewed-by: Sabrina Dubroca sd@queasysnail.net Signed-off-by: David S. Miller davem@davemloft.net [Lee: Fixed merge-conflict in Stable branches linux-6.1.y and older] Signed-off-by: Lee Jones lee@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org [Harshit: bp to 5.15.y, minor conflict resolutin due to missing commit: 8ae187386420 ("tls: Only use data field in crypto completion function") in 5.15.y] Signed-off-by: Harshit Mogalapalli harshit.m.mogalapalli@oracle.com
This is a fix for CVE-2024-26585, minor conflict resolution involved Ran the tls self tests:
ok 183 tls.13_chacha.shutdown_reuse # PASSED: 183 / 183 tests passed. # Totals: pass:183 fail:0 xfail:0 xpass:0 skip:0 error:0
net/tls/tls_sw.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-)
Now queued up, thanks.
greg k-h