[PATCH 4.18 187/235] tls: Fix zerocopy_from_iter iov handling

From: Greg Kroah-Hartman
Date: Mon Sep 24 2018 - 08:42:18 EST


4.18-stable review patch. If anyone has any objections, please let me know.

------------------

From: Boris Pismenny <borisp@xxxxxxxxxxxx>

[ Upstream commit 4718799817c5a30ae723eda21f3a6c7d8701b1a4 ]

zerocopy_from_iter iterates over the message, but it doesn't revert the
updates made by the iov iteration. This patch fixes it. Now, the iov can
be used after calling zerocopy_from_iter.

Fixes: 3c4d75591 ("tls: kernel TLS support")
Signed-off-by: Boris Pismenny <borisp@xxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/tls/tls_sw.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)

--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -286,7 +286,7 @@ static int zerocopy_from_iter(struct soc
int length, int *pages_used,
unsigned int *size_used,
struct scatterlist *to, int to_max_pages,
- bool charge)
+ bool charge, bool revert)
{
struct page *pages[MAX_SKB_FRAGS];

@@ -337,6 +337,8 @@ static int zerocopy_from_iter(struct soc
out:
*size_used = size;
*pages_used = num_elem;
+ if (revert)
+ iov_iter_revert(from, size);

return rc;
}
@@ -438,7 +440,7 @@ alloc_encrypted:
&ctx->sg_plaintext_size,
ctx->sg_plaintext_data,
ARRAY_SIZE(ctx->sg_plaintext_data),
- true);
+ true, false);
if (ret)
goto fallback_to_reg_send;

@@ -826,7 +828,7 @@ int tls_sw_recvmsg(struct sock *sk,
err = zerocopy_from_iter(sk, &msg->msg_iter,
to_copy, &pages,
&chunk, &sgin[1],
- MAX_SKB_FRAGS, false);
+ MAX_SKB_FRAGS, false, true);
if (err < 0)
goto fallback_to_reg_recv;