net/tls: Fix memory leak in tls_enc_skb() and tls_sw_fallback_init()

'aead_req' and 'aead_send' is allocated but not freed in default switch
case. This commit fixes the potential memory leak by freeing them under
the situation.

Note that the default cases here should never be reached as they'd
mean we allowed offloading an unsupported algorithm.

Fixes: ea7a9d88ba21 ("net/tls: Use cipher sizes structs")
Signed-off-by: Yu Liao <liaoyu15@huawei.com>
Reviewed-by: Gal Pressman <gal@nvidia.com>
Link: https://lore.kernel.org/r/20221110090329.2036382-1-liaoyu15@huawei.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/tls/tls_device_fallback.c b/net/tls/tls_device_fallback.c
index cdb391a8754b5b65d1ef1b7e6716bc7180f793db..7fbb1d0b69b34f0a3881d37ae0ea984a182062ea 100644 (file)
--- a/net/tls/tls_device_fallback.c
+++ b/net/tls/tls_device_fallback.c
@@ -346,7 +346,7 @@ static struct sk_buff *tls_enc_skb(struct tls_context *tls_ctx,
                salt = tls_ctx->crypto_send.aes_gcm_256.salt;
                break;
        default:
-               return NULL;
+               goto free_req;
        }
        cipher_sz = &tls_cipher_size_desc[tls_ctx->crypto_send.info.cipher_type];
        buf_len = cipher_sz->salt + cipher_sz->iv + TLS_AAD_SPACE_SIZE +
@@ -492,7 +492,8 @@ int tls_sw_fallback_init(struct sock *sk,
                key = ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->key;
                break;
        default:
-               return -EINVAL;
+               rc = -EINVAL;
+               goto free_aead;
        }
        cipher_sz = &tls_cipher_size_desc[crypto_info->cipher_type];