tls: trim encrypted message to match the plaintext on short splice

During tls_sw_sendmsg_locked, we pre-allocate the encrypted message
for the size we're expecting to send during the current iteration, but
we may end up sending less, for example when splicing: if we're
getting the data from small fragments of memory, we may fill up all
the slots in the skmsg with less data than expected.

In this case, we need to trim the encrypted message to only the length
we actually need, to avoid pushing uninitialized bytes down the
underlying TCP socket.

Fixes: fe1e81d4f73b ("tls/sw: Support MSG_SPLICE_PAGES")
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://patch.msgid.link/66a0ae99c9efc15f88e9e56c1f58f902f442ce86.1760432043.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index daac9fd4be7eb55b6df32e92d7f74d9704bc1d49..36ca3011ab87657a4193c581c42c75cac6158c94 100644 (file)
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1112,8 +1112,11 @@ alloc_encrypted:
                                goto send_end;
                        tls_ctx->pending_open_record_frags = true;
 
-                       if (sk_msg_full(msg_pl))
+                       if (sk_msg_full(msg_pl)) {
                                full_record = true;
+                               sk_msg_trim(sk, msg_en,
+                                           msg_pl->sg.size + prot->overhead_size);
+                       }
 
                        if (full_record || eor)
                                goto copied;