Date: Tue, 19 Jul 2022 14:09:29 GMT From: Mark Johnston <markj@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: b7806e7bae20 - stable/13 - ktls: Zero out TLS_GET_RECORD control messages Message-ID: <202207191409.26JE9TlI052037@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=b7806e7bae20553d479bc96fdfe7ae735072b9bd commit b7806e7bae20553d479bc96fdfe7ae735072b9bd Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2022-01-20 20:42:46 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2022-07-19 13:53:41 +0000 ktls: Zero out TLS_GET_RECORD control messages Otherwise we end up copying one uninitialized byte into the socket buffer. Reported by: KMSAN Reviewed by: jhb Sponsored by: The FreeBSD Foundation (cherry picked from commit 6be8944d96d2cb5938b69c63b483efa616eafb56) --- sys/dev/cxgbe/tom/t4_tls.c | 1 + sys/kern/uipc_ktls.c | 1 + 2 files changed, 2 insertions(+) diff --git a/sys/dev/cxgbe/tom/t4_tls.c b/sys/dev/cxgbe/tom/t4_tls.c index fdd6d43c796b..97bf3a016fb2 100644 --- a/sys/dev/cxgbe/tom/t4_tls.c +++ b/sys/dev/cxgbe/tom/t4_tls.c @@ -2157,6 +2157,7 @@ do_rx_tls_cmp(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m) tgr = (struct tls_get_record *) CMSG_DATA(mtod(control, struct cmsghdr *)); + memset(tgr, 0, sizeof(*tgr)); tgr->tls_type = tls_hdr_pkt->type; tgr->tls_vmajor = be16toh(tls_hdr_pkt->version) >> 8; tgr->tls_vminor = be16toh(tls_hdr_pkt->version) & 0xff; diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index f6190e24a6b2..f60d5e0948d0 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -1986,6 +1986,7 @@ ktls_decrypt(struct socket *so) } /* Allocate the control mbuf. */ + memset(&tgr, 0, sizeof(tgr)); tgr.tls_type = record_type; tgr.tls_vmajor = hdr->tls_vmajor; tgr.tls_vminor = hdr->tls_vminor;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202207191409.26JE9TlI052037>