diff options
author | John Baldwin <jhb@FreeBSD.org> | 2022-12-28 00:00:17 +0000 |
---|---|---|
committer | John Baldwin <jhb@FreeBSD.org> | 2023-01-24 05:24:42 +0000 |
commit | 28327968c2cbac4e4edf3bc55504bedcbd3d8c30 (patch) | |
tree | ac51cbae9a6c133804a3fda9594796d1a0d3955d | |
parent | cc17f41e07925875ce5d004c287c4ef1f4f543be (diff) | |
download | src-28327968c2cbac4e4edf3bc55504bedcbd3d8c30.tar.gz src-28327968c2cbac4e4edf3bc55504bedcbd3d8c30.zip |
ktls: Post receive errors on partially closed sockets.
If an error such as an invalid record or one whose decryption fails is
detected on a socket that has received a RST then ktls_drop() could
ignore the error since INP_DROPPED could already be set. In this case
soreceive_generic hangs since it does not return from a KTLS socket
with pending encrypted data unless there is an error (so_error) (this
behavior is to ensure that soreceive_generic doesn't return a
premature EOF when there is pending data still being decrypted).
Note that this was a bug prior to
69542f26820b7edb8351398b36edda5299c1db56 as tcp_usr_abort would also
have ignored the error in this case.
Reviewed by: gallatin
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D37775
(cherry picked from commit 07be7517270e7cc8f51612efce9e6375ad1fc12e)
-rw-r--r-- | sys/kern/uipc_ktls.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 711b38ec7f99..901a2df0bd74 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -1881,8 +1881,12 @@ ktls_drop(struct socket *so, int error) CURVNET_RESTORE(); if (tp != NULL) INP_WUNLOCK(inp); - } else + } else { + so->so_error = error; + SOCKBUF_LOCK(&so->so_rcv); + sorwakeup_locked(so); INP_WUNLOCK(inp); + } NET_EPOCH_EXIT(et); } |