Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp1029134ybe; Wed, 4 Sep 2019 11:23:25 -0700 (PDT) X-Google-Smtp-Source: APXvYqz3p/N8KkVBgvCR5+xf2xJRmFox0RAte+wrxrJKM+by0nT+8ZVPbr2G/XUXs7NpDtjUJGai X-Received: by 2002:a62:8344:: with SMTP id h65mr47784980pfe.85.1567621405720; Wed, 04 Sep 2019 11:23:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567621405; cv=none; d=google.com; s=arc-20160816; b=RLcQBlrCA5PQo3wsqS5KOoTT4czePMI1/xr1dzmImVTIxGUbWXJ5m452pReJLcS7eM 0KZu8uo9J9FRGzaZdYTwW0BZL1H9WsQRGf66iPLt9Q21XRIwukiUJIfSPeDbwkZvAGiU G6AU8weGnvYrjnfRZiWHbMXj1yApgYKjavDdMMc1oXkcoAf0lDAOtc/vjxIifzeEOk4C PvHT0F9+jTQyOAgQ20FBQsa9gccmXLnQBfynRVuyyj8E44Gq0SLs2QZ1ewjU75Bn8Ivy 23m+/sF/4YSP0z8VwnEnMMUdoQ9DDpyE5IOelhCwpoA5w0d2p/ddMHcHoB9A9tltcOKE GBXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=IF3gfj/T8hlfMb/3WceiWwsR2U4ZjQKO5okKtpy5pqs=; b=QA3MPbEfd6XnnZq0BRec9Zh/dyQcjgiYuALxiyP7mWtsm633YcJ3xLio5A53nhj8PE z0GTVHfD90Tb1jzkYjNpFD9dBVt2tv4kagoSILsEsiTJT16rcu4ncSXDw57bz1g38yGv Gx4UEKyyUK9No/D8+xGqEltC8XwuXRR2JucAmI57li66VtQkZ/Dm0fT1NcAv9hYXlqlv GhffoutVk152QHeOwwv1ssPtauJ8M8U4RVcuNWw+/pDnAbpP6qjK/WzQIsP3Jh38qa+Z uqUb/Dj/0aKX/nOFSMc+aiBo5WziqrKvcVkJWXO6gdsUj7pjMnff9sfFNHm6DUfUEC6K ELjg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=XFV9wuQW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g8si2747281pjp.57.2019.09.04.11.23.10; Wed, 04 Sep 2019 11:23:25 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=XFV9wuQW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389401AbfIDSGT (ORCPT + 99 others); Wed, 4 Sep 2019 14:06:19 -0400 Received: from mail.kernel.org ([198.145.29.99]:48156 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389408AbfIDSGP (ORCPT ); Wed, 4 Sep 2019 14:06:15 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id E81A523400; Wed, 4 Sep 2019 18:06:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1567620374; bh=/W9B7Sno1Cvi2aD3B8vReKUaPG7Au4vT5P3cEEHE2l4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=XFV9wuQWWSsmckZBB9Cy47dyxw9sDoIkEihgUVVSmzbV/00GX7sxDUo4Jn42zd9oe XUJZWLQE5wmSO8uqMRBQFBaNY7CcoePGZ46uagnZTjJXJiAI96pOPfTI4WdY/M04nu WqPA2BkFW6r6C7SceIgifAX2bU1wjD9imWGmWWno= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Hillf Danton , Ying Xue , Andrey Konovalov , John Fastabend , Jakub Kicinski , "David S. Miller" Subject: [PATCH 4.19 33/93] net: tls, fix sk_write_space NULL write when tx disabled Date: Wed, 4 Sep 2019 19:53:35 +0200 Message-Id: <20190904175306.180232159@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20190904175302.845828956@linuxfoundation.org> References: <20190904175302.845828956@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: John Fastabend [ Upstream commit d85f01775850a35eae47a0090839baf510c1ef12 ] The ctx->sk_write_space pointer is only set when TLS tx mode is enabled. When running without TX mode its a null pointer but we still set the sk sk_write_space pointer on close(). Fix the close path to only overwrite sk->sk_write_space when the current pointer is to the tls_write_space function indicating the tls module should clean it up properly as well. Reported-by: Hillf Danton Cc: Ying Xue Cc: Andrey Konovalov Fixes: 57c722e932cfb ("net/tls: swap sk_write_space on close") Signed-off-by: John Fastabend Reviewed-by: Jakub Kicinski Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/tls/tls_main.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -301,7 +301,8 @@ static void tls_sk_proto_close(struct so #else { #endif - sk->sk_write_space = ctx->sk_write_space; + if (sk->sk_write_space == tls_write_space) + sk->sk_write_space = ctx->sk_write_space; tls_ctx_free(ctx); ctx = NULL; }