tls: store rec_seq directly within cipher_context
TLS_MAX_REC_SEQ_SIZE is 8B, we don't get anything by using kmalloc. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
8f1d532b4a
commit
6d5029e547
@ -194,7 +194,7 @@ enum tls_context_flags {
|
||||
|
||||
struct cipher_context {
|
||||
char *iv;
|
||||
char *rec_seq;
|
||||
char rec_seq[TLS_MAX_REC_SEQ_SIZE];
|
||||
};
|
||||
|
||||
union tls_crypto_context {
|
||||
|
@ -58,7 +58,6 @@ static void tls_device_free_ctx(struct tls_context *ctx)
|
||||
{
|
||||
if (ctx->tx_conf == TLS_HW) {
|
||||
kfree(tls_offload_ctx_tx(ctx));
|
||||
kfree(ctx->tx.rec_seq);
|
||||
kfree(ctx->tx.iv);
|
||||
}
|
||||
|
||||
@ -1098,16 +1097,12 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
|
||||
memcpy(ctx->tx.iv + cipher_desc->salt, iv, cipher_desc->iv);
|
||||
|
||||
prot->rec_seq_size = cipher_desc->rec_seq;
|
||||
ctx->tx.rec_seq = kmemdup(rec_seq, cipher_desc->rec_seq, GFP_KERNEL);
|
||||
if (!ctx->tx.rec_seq) {
|
||||
rc = -ENOMEM;
|
||||
goto free_iv;
|
||||
}
|
||||
memcpy(ctx->tx.rec_seq, rec_seq, cipher_desc->rec_seq);
|
||||
|
||||
start_marker_record = kmalloc(sizeof(*start_marker_record), GFP_KERNEL);
|
||||
if (!start_marker_record) {
|
||||
rc = -ENOMEM;
|
||||
goto free_rec_seq;
|
||||
goto free_iv;
|
||||
}
|
||||
|
||||
offload_ctx = kzalloc(TLS_OFFLOAD_CONTEXT_SIZE_TX, GFP_KERNEL);
|
||||
@ -1192,8 +1187,6 @@ free_offload_ctx:
|
||||
ctx->priv_ctx_tx = NULL;
|
||||
free_marker_record:
|
||||
kfree(start_marker_record);
|
||||
free_rec_seq:
|
||||
kfree(ctx->tx.rec_seq);
|
||||
free_iv:
|
||||
kfree(ctx->tx.iv);
|
||||
release_netdev:
|
||||
|
@ -344,7 +344,6 @@ static void tls_sk_proto_cleanup(struct sock *sk,
|
||||
|
||||
/* We need these for tls_sw_fallback handling of other packets */
|
||||
if (ctx->tx_conf == TLS_SW) {
|
||||
kfree(ctx->tx.rec_seq);
|
||||
kfree(ctx->tx.iv);
|
||||
tls_sw_release_resources_tx(sk);
|
||||
TLS_DEC_STATS(sock_net(sk), LINUX_MIB_TLSCURRTXSW);
|
||||
|
@ -2467,7 +2467,6 @@ void tls_sw_release_resources_rx(struct sock *sk)
|
||||
struct tls_context *tls_ctx = tls_get_ctx(sk);
|
||||
struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx);
|
||||
|
||||
kfree(tls_ctx->rx.rec_seq);
|
||||
kfree(tls_ctx->rx.iv);
|
||||
|
||||
if (ctx->aead_recv) {
|
||||
@ -2692,19 +2691,14 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
|
||||
prot->rec_seq_size = cipher_desc->rec_seq;
|
||||
memcpy(cctx->iv, salt, cipher_desc->salt);
|
||||
memcpy(cctx->iv + cipher_desc->salt, iv, cipher_desc->iv);
|
||||
|
||||
cctx->rec_seq = kmemdup(rec_seq, cipher_desc->rec_seq, GFP_KERNEL);
|
||||
if (!cctx->rec_seq) {
|
||||
rc = -ENOMEM;
|
||||
goto free_iv;
|
||||
}
|
||||
memcpy(cctx->rec_seq, rec_seq, cipher_desc->rec_seq);
|
||||
|
||||
if (!*aead) {
|
||||
*aead = crypto_alloc_aead(cipher_desc->cipher_name, 0, 0);
|
||||
if (IS_ERR(*aead)) {
|
||||
rc = PTR_ERR(*aead);
|
||||
*aead = NULL;
|
||||
goto free_rec_seq;
|
||||
goto free_iv;
|
||||
}
|
||||
}
|
||||
|
||||
@ -2736,9 +2730,6 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
|
||||
free_aead:
|
||||
crypto_free_aead(*aead);
|
||||
*aead = NULL;
|
||||
free_rec_seq:
|
||||
kfree(cctx->rec_seq);
|
||||
cctx->rec_seq = NULL;
|
||||
free_iv:
|
||||
kfree(cctx->iv);
|
||||
cctx->iv = NULL;
|
||||
|
Loading…
Reference in New Issue
Block a user