mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-22 03:04:34 +01:00
ktls: Mark mbufs containing outbound encrypted TLS records read-only
Reviewed by: gallatin, kp Differential Revision: https://reviews.freebsd.org/D46784
This commit is contained in:
parent
314cb27995
commit
f02d9edfb5
@ -3072,6 +3072,7 @@ ktls_encrypt(struct ktls_wq *wq, struct mbuf *top)
|
||||
|
||||
if ((m->m_epg_flags & EPG_FLAG_ANON) == 0)
|
||||
ktls_finish_nonanon(m, &state);
|
||||
m->m_flags |= M_RDONLY;
|
||||
|
||||
npages += m->m_epg_nrdy;
|
||||
|
||||
@ -3110,6 +3111,7 @@ ktls_encrypt_cb(struct ktls_ocf_encrypt_state *state, int error)
|
||||
|
||||
if ((m->m_epg_flags & EPG_FLAG_ANON) == 0)
|
||||
ktls_finish_nonanon(m, state);
|
||||
m->m_flags |= M_RDONLY;
|
||||
|
||||
so = state->so;
|
||||
free(state, M_KTLS);
|
||||
|
Loading…
Reference in New Issue
Block a user