On 2025-05-23 21:18:58, Jiayuan Chen wrote:
> When sending plaintext data, we initially calculated the corresponding
> ciphertext length. However, if we later reduced the plaintext data length
> via socket policy, we failed to recalculate the ciphertext length.
>
> This results in transmitting buffers containing uninitialized data during
> ciphertext transmission.
>
> This causes uninitialized bytes to be appended after a complete
> "Application Data" packet, leading to errors on the receiving end when
> parsing TLS record.
>
> Fixes: d3b18ad31f93 ("tls: add bpf support to sk_msg handling")
> Reported-by: Cong Wang <xiyou.wangc...@gmail.com>
> Signed-off-by: Jiayuan Chen <jiayuan.c...@linux.dev>
> ---
LGTM thanks.
Reviewed-by: John Fastabend <john.fastab...@gmail.com>
