hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-21 18:50:50 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

ktls: Mark mbufs containing outbound encrypted TLS records read-only

Browse Source 
Reviewed by:	gallatin, kp
Differential Revision:	https://reviews.freebsd.org/D46784
This commit is contained in:
John Baldwin 2024-10-31 16:32:32 -04:00
parent 314cb27995
commit f02d9edfb5
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/kern/uipc_ktls.c
View File

@ -3072,6 +3072,7 @@ ktls_encrypt(struct ktls_wq *wq, struct mbuf *top)
if ((m->m_epg_flags & EPG_FLAG_ANON) == 0)
ktls_finish_nonanon(m, &state);
m->m_flags |= M_RDONLY;
npages += m->m_epg_nrdy;
@ -3110,6 +3111,7 @@ ktls_encrypt_cb(struct ktls_ocf_encrypt_state *state, int error)
if ((m->m_epg_flags & EPG_FLAG_ANON) == 0)
ktls_finish_nonanon(m, state);
m->m_flags |= M_RDONLY;
so = state->so;
free(state, M_KTLS);