Date: Fri, 17 Sep 2021 19:12:32 GMT
Message-Id: <202109171912.18HJCWIj068220@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Mark Johnston
Subject: git: bf25678226f0 - main - ktls: Fix error/mode confusion in TCP_*TLS_MODE getsockopt handlers
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: bf25678226f0d9b52c27610c734c97d76a7cae59

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=bf25678226f0d9b52c27610c734c97d76a7cae59

commit bf25678226f0d9b52c27610c734c97d76a7cae59
Author:     Mark Johnston
AuthorDate: 2021-09-17 16:14:29 +0000
Commit:     Mark Johnston
CommitDate: 2021-09-17 18:19:05 +0000

    ktls: Fix error/mode confusion in TCP_*TLS_MODE getsockopt handlers

    ktls_get_(rx|tx)_mode() can return an errno value or a TLS mode, so
    errors are effectively hidden. Fix this by using a separate output
    parameter. Convert to the new socket buffer locking macros while here.
    Note that the socket buffer lock is not needed to synchronize the
    SOLISTENING check here, we can rely on the PCB lock.

    Reviewed by:    jhb
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D31977
---
 sys/kern/uipc_ktls.c     | 26 ++++++++++++--------------
 sys/netinet/tcp_usrreq.c | 12 ++++++++----
 sys/sys/ktls.h           |  4 ++--
 3 files changed, 22 insertions(+), 20 deletions(-)

diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 9e9a6b5b60fb..bc21e6fe2493 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c
@@ -1199,45 +1199,43 @@ ktls_enable_tx(struct socket *so, struct tls_enable *en) } int -ktls_get_rx_mode(struct socket *so) +ktls_get_rx_mode(struct socket *so, int *modep) { struct ktls_session *tls; struct inpcb *inp; - int mode; if (SOLISTENING(so)) return (EINVAL); inp = so->so_pcb; INP_WLOCK_ASSERT(inp); - SOCKBUF_LOCK(&so->so_rcv); + SOCK_RECVBUF_LOCK(so); tls = so->so_rcv.sb_tls_info; if (tls == NULL) - mode = TCP_TLS_MODE_NONE; + *modep = TCP_TLS_MODE_NONE; else - mode = tls->mode; - SOCKBUF_UNLOCK(&so->so_rcv); - return (mode); + *modep = tls->mode; + SOCK_RECVBUF_UNLOCK(so); + return (0); } int -ktls_get_tx_mode(struct socket *so) +ktls_get_tx_mode(struct socket *so, int *modep) { struct ktls_session *tls; struct inpcb *inp; - int mode; if (SOLISTENING(so)) return (EINVAL); inp = so->so_pcb; INP_WLOCK_ASSERT(inp); - SOCKBUF_LOCK(&so->so_snd); + SOCK_SENDBUF_LOCK(so); tls = so->so_snd.sb_tls_info; if (tls == NULL) - mode = TCP_TLS_MODE_NONE; + *modep = TCP_TLS_MODE_NONE; else - mode = tls->mode; - SOCKBUF_UNLOCK(&so->so_snd); - return (mode); + *modep = tls->mode; + SOCK_SENDBUF_UNLOCK(so); + return (0); } /* diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 3a1608cc106a..e9f7fa541461 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -2563,14 +2563,18 @@ unhold: #endif #ifdef KERN_TLS case TCP_TXTLS_MODE: - optval = ktls_get_tx_mode(so); + error = ktls_get_tx_mode(so, &optval); INP_WUNLOCK(inp); - error = sooptcopyout(sopt, &optval, sizeof(optval)); + if (error == 0) + error = sooptcopyout(sopt, &optval, + sizeof(optval)); break; case TCP_RXTLS_MODE: - optval = ktls_get_rx_mode(so); + error = ktls_get_rx_mode(so, &optval); INP_WUNLOCK(inp); - error = sooptcopyout(sopt, &optval, sizeof(optval)); + if (error == 0) + error = sooptcopyout(sopt, &optval, + sizeof(optval)); break; #endif case TCP_LRD: diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 9729fd6fe8c4..71d55ee1b3d8 100644 --- a/sys/sys/ktls.h 
+++ b/sys/sys/ktls.h @@ -212,9 +212,9 @@ void ktls_frame(struct mbuf *m, struct ktls_session *tls, int *enqueue_cnt, void ktls_seq(struct sockbuf *sb, struct mbuf *m); void ktls_enqueue(struct mbuf *m, struct socket *so, int page_count); void ktls_enqueue_to_free(struct mbuf *m); -int ktls_get_rx_mode(struct socket *so); +int ktls_get_rx_mode(struct socket *so, int *modep); int ktls_set_tx_mode(struct socket *so, int mode); -int ktls_get_tx_mode(struct socket *so); +int ktls_get_tx_mode(struct socket *so, int *modep); int ktls_output_eagain(struct inpcb *inp, struct ktls_session *tls); #ifdef RATELIMIT int ktls_modify_txrtlmt(struct ktls_session *tls, uint64_t max_pacing_rate);
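Review bot: In ktls_get_rx_mode() and ktls_get_tx_mode() (sys/kern/uipc_ktls.c hunk), the SOLISTENING(so) test still runs before INP_WLOCK_ASSERT(inp), although the commit message says that test relies on the PCB lock rather than the socket buffer lock. Consider loading inp = so->so_pcb and asserting the lock ahead of the SOLISTENING test, so the lock the check depends on is asserted before the check is made. Also, *modep is left unwritten on the EINVAL return; a one-line comment saying it is valid only when the function returns 0 would help future callers.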
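Review bot: In the TCP_TXTLS_MODE and TCP_RXTLS_MODE cases (sys/netinet/tcp_usrreq.c hunk), the userland-visible result for a listening socket changes and nothing in this patch tests it. The old code copied out whatever ktls_get_*_mode() returned, so EINVAL reached the caller as the option value; with the new "if (error == 0)" guard, getsockopt fails with EINVAL and optval is not copied out. A regression test that issues both options on a listening socket and expects EINVAL would pin that behaviour down.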
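Review bot: The updated prototypes for ktls_get_rx_mode() and ktls_get_tx_mode() (sys/sys/ktls.h hunk) carry no comment on the new contract, in which the int return is an errno and the TLS mode is delivered through modep. Since ktls_set_tx_mode(struct socket *so, int mode), declared between them, still takes the mode by value, a short comment above the two getters stating that *modep is written only on a 0 return would make the asymmetry clear to callers.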