diff options
Diffstat (limited to 'net/tls/tls_main.c')
| -rw-r--r-- | net/tls/tls_main.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index e07ee3ae0023..736719c8314e 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c | |||
| @@ -367,8 +367,10 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval, | |||
| 367 | 367 | ||
| 368 | crypto_info = &ctx->crypto_send; | 368 | crypto_info = &ctx->crypto_send; |
| 369 | /* Currently we don't support set crypto info more than one time */ | 369 | /* Currently we don't support set crypto info more than one time */ |
| 370 | if (TLS_CRYPTO_INFO_READY(crypto_info)) | 370 | if (TLS_CRYPTO_INFO_READY(crypto_info)) { |
| 371 | rc = -EBUSY; | ||
| 371 | goto out; | 372 | goto out; |
| 373 | } | ||
| 372 | 374 | ||
| 373 | rc = copy_from_user(crypto_info, optval, sizeof(*crypto_info)); | 375 | rc = copy_from_user(crypto_info, optval, sizeof(*crypto_info)); |
| 374 | if (rc) { | 376 | if (rc) { |
| @@ -386,7 +388,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval, | |||
| 386 | case TLS_CIPHER_AES_GCM_128: { | 388 | case TLS_CIPHER_AES_GCM_128: { |
| 387 | if (optlen != sizeof(struct tls12_crypto_info_aes_gcm_128)) { | 389 | if (optlen != sizeof(struct tls12_crypto_info_aes_gcm_128)) { |
| 388 | rc = -EINVAL; | 390 | rc = -EINVAL; |
| 389 | goto out; | 391 | goto err_crypto_info; |
| 390 | } | 392 | } |
| 391 | rc = copy_from_user(crypto_info + 1, optval + sizeof(*crypto_info), | 393 | rc = copy_from_user(crypto_info + 1, optval + sizeof(*crypto_info), |
| 392 | optlen - sizeof(*crypto_info)); | 394 | optlen - sizeof(*crypto_info)); |
| @@ -398,7 +400,7 @@ static int do_tls_setsockopt_tx(struct sock *sk, char __user *optval, | |||
| 398 | } | 400 | } |
| 399 | default: | 401 | default: |
| 400 | rc = -EINVAL; | 402 | rc = -EINVAL; |
| 401 | goto out; | 403 | goto err_crypto_info; |
| 402 | } | 404 | } |
| 403 | 405 | ||
| 404 | /* currently SW is default, we will have ethtool in future */ | 406 | /* currently SW is default, we will have ethtool in future */ |
| @@ -454,6 +456,15 @@ static int tls_init(struct sock *sk) | |||
| 454 | struct tls_context *ctx; | 456 | struct tls_context *ctx; |
| 455 | int rc = 0; | 457 | int rc = 0; |
| 456 | 458 | ||
| 459 | /* The TLS ulp is currently supported only for TCP sockets | ||
| 460 | * in ESTABLISHED state. | ||
| 461 | * Supporting sockets in LISTEN state will require us | ||
| 462 | * to modify the accept implementation to clone rather then | ||
| 463 | * share the ulp context. | ||
| 464 | */ | ||
| 465 | if (sk->sk_state != TCP_ESTABLISHED) | ||
| 466 | return -ENOTSUPP; | ||
| 467 | |||
| 457 | /* allocate tls context */ | 468 | /* allocate tls context */ |
| 458 | ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); | 469 | ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); |
| 459 | if (!ctx) { | 470 | if (!ctx) { |