On 23/2/2023 19:15, Sabrina Dubroca wrote:
2023-02-23, 17:05:08 +0800, Hangyu Hua wrote:
After tls_set_device_offload() fails, we enter tls_set_sw_offload(). But
tls_set_sw_offload can't set cctx->iv and cctx->rec_seq to NULL if it fails
before kmalloc cctx->iv. This may cause info leak when we call
do_tls_getsockopt_conf().
Is there really an issue here?
If both tls_set_device_offload and tls_set_sw_offload fail,
do_tls_setsockopt_conf will clear crypto_{send,recv} from the context.
Then the TLS_CRYPTO_INFO_READY in do_tls_getsockopt_conf will fail, so
we won't try to access iv or rec_seq.
My bad. I forget memzero_explicit. Then this is harmless. But I still think it is better to set them to NULL like tls_set_sw_offload's error path because we don't know there are another way to do this(I will change the commit log). What do you think?