mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-28 13:22:57 +00:00
tls: rx: device: don't try to copy too much on detach
Another device offload bug, we use the length of the output
skb as an indication of how much data to copy. But that skb
is sized to offset + record length, and we start from offset.
So we end up double-counting the offset which leads to
skb_copy_bits() returning -EFAULT.
Reported-by: Tariq Toukan <tariqt@nvidia.com>
Fixes: 84c61fe1a7 ("tls: rx: do not use the standard strparser")
Tested-by: Ran Rozenstein <ranro@nvidia.com>
Link: https://lore.kernel.org/r/20220809175544.354343-2-kuba@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
Jakub Kicinski
parent
86b259f6f8
commit
d800a7b357
1 changed files with 1 additions and 1 deletions
|
|
@ -41,7 +41,7 @@ static struct sk_buff *tls_strp_msg_make_copy(struct tls_strparser *strp)
|
|||
struct sk_buff *skb;
|
||||
int i, err, offset;
|
||||
|
||||
skb = alloc_skb_with_frags(0, strp->anchor->len, TLS_PAGE_ORDER,
|
||||
skb = alloc_skb_with_frags(0, strp->stm.full_len, TLS_PAGE_ORDER,
|
||||
&err, strp->sk->sk_allocation);
|
||||
if (!skb)
|
||||
return NULL;
|
||||
|
|
|
|||
Loading…
Reference in a new issue