Re: [PATCH] net/tls: Fix return values for setsockopt

From: Jakub Kicinski
Date: Tue Dec 03 2019 - 17:56:00 EST


On Tue, 3 Dec 2019 23:44:58 +0100, Valentin Vidic wrote:
> ENOTSUPP is not available in userspace:
>
> setsockopt failed, 524, Unknown error 524
>
> Signed-off-by: Valentin Vidic <vvidic@xxxxxxxxxxxxxxxxxxxxxx>

I'm not 100% clear on whether we can change the return codes after they
had been exposed to user space for numerous releases..

But if we can - please fix the tools/testing/selftests/net/tls.c test
as well, because it expects ENOTSUPP.

> diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
> index bdca31ffe6da..5830b8e02a36 100644
> --- a/net/tls/tls_main.c
> +++ b/net/tls/tls_main.c
> @@ -496,7 +496,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval,
> /* check version */
> if (crypto_info->version != TLS_1_2_VERSION &&
> crypto_info->version != TLS_1_3_VERSION) {
> - rc = -ENOTSUPP;
> + rc = -EINVAL;
> goto err_crypto_info;
> }
>
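Review bot: the version check in do_tls_setsockopt_conf() now returns -EINVAL, but the commit message only says that ENOTSUPP (524) has no userspace definition and gives no reason for choosing EINVAL here. Please state the per-site mapping in the changelog. EINVAL is also returned for many unrelated argument errors, so a caller can no longer tell "TLS version not supported" apart from a malformed crypto_info. As the reply above notes, tools/testing/selftests/net/tls.c expects ENOTSUPP, so it needs updating in the same patch or the selftest will fail.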
> @@ -723,7 +723,7 @@ static int tls_init(struct sock *sk)
> * share the ulp context.
> */
> if (sk->sk_state != TCP_ESTABLISHED)
> - return -ENOTSUPP;
> + return -ENOTCONN;
>
> /* allocate tls context */
> write_lock_bh(&sk->sk_callback_lock);
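Review bot: in tls_init() the `sk->sk_state != TCP_ESTABLISHED` branch now returns -ENOTCONN, a different replacement from the one used in the first hunk, and the commit message mentions neither value. Since the test matches every state other than ESTABLISHED, please add a sentence to the changelog saying ENOTCONN is intended for all of them. The comment block above the check would also benefit from naming the errno userspace will see. Any existing caller that compares errno against 524 on this path will change behaviour, which is worth calling out given the ABI concern raised in the reply.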