From: Jakub Kicinski kuba@kernel.org
commit 37943f047bfb88ba4dfc7a522563f57c86d088a0 upstream.
Since we are protected from async completions by decrypt_compl_lock we can drop the async_notify and reinit the completion before we start waiting.
Signed-off-by: Jakub Kicinski kuba@kernel.org Signed-off-by: David S. Miller davem@davemloft.net Stable-dep-of: aec7961916f3 ("tls: fix race between async notify and socket close") Cc: stable@vger.kernel.org # 5.15 Signed-off-by: Shaoying Xu shaoyi@amazon.com --- include/net/tls.h | 1 - net/tls/tls_sw.c | 14 ++------------ 2 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/include/net/tls.h b/include/net/tls.h index ea0aeae26cf7..dcd6aa08c067 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -150,7 +150,6 @@ struct tls_sw_context_rx { atomic_t decrypt_pending; /* protect crypto_wait with decrypt_pending*/ spinlock_t decrypt_compl_lock; - bool async_notify; };
struct tls_record_info { diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index fc55b65695e5..9c443646417e 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -174,7 +174,6 @@ static void tls_decrypt_done(struct crypto_async_request *req, int err) struct scatterlist *sg; struct sk_buff *skb; unsigned int pages; - int pending;
skb = (struct sk_buff *)req->data; tls_ctx = tls_get_ctx(skb->sk); @@ -222,9 +221,7 @@ static void tls_decrypt_done(struct crypto_async_request *req, int err) kfree(aead_req);
spin_lock_bh(&ctx->decrypt_compl_lock); - pending = atomic_dec_return(&ctx->decrypt_pending); - - if (!pending && ctx->async_notify) + if (!atomic_dec_return(&ctx->decrypt_pending)) complete(&ctx->async_wait.completion); spin_unlock_bh(&ctx->decrypt_compl_lock); } @@ -1917,7 +1914,7 @@ int tls_sw_recvmsg(struct sock *sk,
/* Wait for all previously submitted records to be decrypted */ spin_lock_bh(&ctx->decrypt_compl_lock); - ctx->async_notify = true; + reinit_completion(&ctx->async_wait.completion); pending = atomic_read(&ctx->decrypt_pending); spin_unlock_bh(&ctx->decrypt_compl_lock); if (pending) { @@ -1929,15 +1926,8 @@ int tls_sw_recvmsg(struct sock *sk, decrypted = 0; goto end; } - } else { - reinit_completion(&ctx->async_wait.completion); }
- /* There can be no concurrent accesses, since we have no - * pending decrypt operations - */ - WRITE_ONCE(ctx->async_notify, false); - /* Drain records from the rx_list & copy if required */ if (is_peek || is_kvec) err = process_rx_list(ctx, msg, &control, copied,