net/tls: avoid NULL-deref on resync during device removal
authorJakub Kicinski <jakub.kicinski@netronome.com>
Wed, 22 May 2019 02:02:00 +0000 (19:02 -0700)
committerDavid S. Miller <davem@davemloft.net>
Wed, 22 May 2019 19:21:44 +0000 (12:21 -0700)
commit38030d7cb77963ba84cdbe034806e2b81245339f
tree165e862ba9be48f6b08db072f3dd033b00549c0d
parent0d18c7bd931f86ccc6a1ab1d8b3b7b0a19b2598a
net/tls: avoid NULL-deref on resync during device removal

When netdev with active kTLS sockets in unregistered
notifier callback walks the offloaded sockets and
cleans up offload state.  RX data may still be processed,
however, and if resync was requested prior to device
removal we would hit a NULL pointer dereference on
ctx->netdev use.

Make sure resync is under the device offload lock
and NULL-check the netdev pointer.

This should be safe, because the pointer is set to
NULL either in the netdev notifier (under said lock)
or when socket is completely dead and no resync can
happen.

The other access to ctx->netdev in tls_validate_xmit_skb()
does not dereference the pointer, it just checks it against
other device pointer, so it should be pretty safe (perhaps
we can add a READ_ONCE/WRITE_ONCE there, if paranoid).

Fixes: 4799ac81e52a ("tls: Add rx inline crypto offload")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/tls/tls_device.c