ktls: Post receive errors on partially closed sockets.

If an error such as an invalid record or one whose decryption fails is detected on a socket that has received a RST then ktls_drop() could ignore the error since INP_DROPPED could already be set. In this case soreceive_generic hangs since it does not return from a KTLS socket with pending encrypted data unless there is an error (so_error) (this behavior is to ensure that soreceive_generic doesn't return a premature EOF when there is pending data still being decrypted). Note that this was a bug prior to 69542f2682 as tcp_usr_abort would also have ignored the error in this case. Reviewed by: gallatin Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D37775
2022-12-27 16:00:17 -08:00 · 2022-12-27 16:00:17 -08:00 · 07be751727
commit 07be751727
parent 7a8d62cd04
1 changed files with 5 additions and 1 deletions
--- a/sys/kern/uipc_ktls.c
+++ b/sys/kern/uipc_ktls.c
@ -2317,8 +2317,12 @@ ktls_drop(struct socket *so, int error)
 		CURVNET_RESTORE();
 		if (tp != NULL)
 			INP_WUNLOCK(inp);
-	} else
+	} else {
+		so->so_error = error;
+		SOCK_RECVBUF_LOCK(so);
+		sorwakeup_locked(so);
 		INP_WUNLOCK(inp);
+	}
 	NET_EPOCH_EXIT(et);
 }