summaryrefslogtreecommitdiff
path: root/net/tls
diff options
context:
space:
mode:
authorJakub Kicinski <kuba@kernel.org>2022-07-20 23:37:00 +0300
committerJakub Kicinski <kuba@kernel.org>2022-07-22 04:58:11 +0300
commitdde06aaa89b76275407b78108b57f94838287dab (patch)
tree5b7d8dc86d710679cd29f44003d5c962939e485c /net/tls
parentb945804d993072e24138741ab67e28f6b09b2502 (diff)
downloadlinux-dde06aaa89b76275407b78108b57f94838287dab.tar.xz
tls: rx: release the sock lock on locking timeout
Eric reports we should release the socket lock if the entire "grab reader lock" operation has failed. The callers assume they don't have to release it or otherwise unwind. Reported-by: Eric Dumazet <edumazet@google.com> Reported-by: syzbot+16e72110feb2b653ef27@syzkaller.appspotmail.com Fixes: 4cbc325ed6b4 ("tls: rx: allow only one reader at a time") Reviewed-by: Eric Dumazet <edumazet@google.com> Link: https://lore.kernel.org/r/20220720203701.2179034-1-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net/tls')
-rw-r--r--net/tls/tls_sw.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 859ea02022c0..ed5e6f1df9c7 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1803,6 +1803,7 @@ static long tls_rx_reader_lock(struct sock *sk, struct tls_sw_context_rx *ctx,
bool nonblock)
{
long timeo;
+ int err;
lock_sock(sk);
@@ -1818,15 +1819,23 @@ static long tls_rx_reader_lock(struct sock *sk, struct tls_sw_context_rx *ctx,
!READ_ONCE(ctx->reader_present), &wait);
remove_wait_queue(&ctx->wq, &wait);
- if (!timeo)
- return -EAGAIN;
- if (signal_pending(current))
- return sock_intr_errno(timeo);
+ if (timeo <= 0) {
+ err = -EAGAIN;
+ goto err_unlock;
+ }
+ if (signal_pending(current)) {
+ err = sock_intr_errno(timeo);
+ goto err_unlock;
+ }
}
WRITE_ONCE(ctx->reader_present, 1);
return timeo;
+
+err_unlock:
+ release_sock(sk);
+ return err;
}
static void tls_rx_reader_unlock(struct sock *sk, struct tls_sw_context_rx *ctx)