提交 85b9e869 编写于 作者: J Jakub Kicinski 提交者: Greg Kroah-Hartman

net/tls: fix the IV leaks

[ Upstream commit 5a03bc73abed6ae196c15e9950afde19d48be12c ]

Commit f66de3ee ("net/tls: Split conf to rx + tx") made
freeing of IV and record sequence number conditional to SW
path only, but commit e8f69799 ("net/tls: Add generic NIC
offload infrastructure") also allocates that state for the
device offload configuration.  Remember to free it.

Fixes: e8f69799 ("net/tls: Add generic NIC offload infrastructure")
Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: NDirk van der Merwe <dirk.vandermerwe@netronome.com>
Reviewed-by: NSimon Horman <simon.horman@netronome.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
Signed-off-by: NSasha Levin <alexander.levin@microsoft.com>
上级 e38c6748
...@@ -52,8 +52,11 @@ static DEFINE_SPINLOCK(tls_device_lock); ...@@ -52,8 +52,11 @@ static DEFINE_SPINLOCK(tls_device_lock);
static void tls_device_free_ctx(struct tls_context *ctx) static void tls_device_free_ctx(struct tls_context *ctx)
{ {
if (ctx->tx_conf == TLS_HW) if (ctx->tx_conf == TLS_HW) {
kfree(tls_offload_ctx_tx(ctx)); kfree(tls_offload_ctx_tx(ctx));
kfree(ctx->tx.rec_seq);
kfree(ctx->tx.iv);
}
if (ctx->rx_conf == TLS_HW) if (ctx->rx_conf == TLS_HW)
kfree(tls_offload_ctx_rx(ctx)); kfree(tls_offload_ctx_rx(ctx));
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册