]> www.infradead.org Git - users/hch/xfs.git/commitdiff
projects / users / hch / xfs.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3d2f670)
net/tls: make sure tls offload sets salt_size
authorRohit Maheshwari <rohitm@chelsio.com>
Tue, 1 Dec 2020 09:07:52 +0000 (14:37 +0530)
committerJakub Kicinski <kuba@kernel.org>
Wed, 2 Dec 2020 01:51:30 +0000 (17:51 -0800)
Recent changes made to remove AES constants started using protocol
aware salt_size. ctx->prot_info's salt_size is filled in tls sw case,
but not in tls offload mode, and was working so far because of the
hard coded value was used.

Fixes: 6942a284fb3e ("net/tls: make inline helpers protocol-aware")
Signed-off-by: Rohit Maheshwari <rohitm@chelsio.com>
Link: https://lore.kernel.org/r/20201201090752.27355-1-rohitm@chelsio.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
net/tls/tls_device.c patch | blob | history

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 6cc9fe77835613e7a070a0b20d6bc1240d2bc1c5..f7fb7d2c1de1f728d07b6f0aa69a8a759bfecb08 100644 (file)
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -998,7 +998,7 @@ static void tls_device_attach(struct tls_context *ctx, struct sock *sk,
 
 int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
 {
-       u16 nonce_size, tag_size, iv_size, rec_seq_size;
+       u16 nonce_size, tag_size, iv_size, rec_seq_size, salt_size;
        struct tls_context *tls_ctx = tls_get_ctx(sk);
        struct tls_prot_info *prot = &tls_ctx->prot_info;
        struct tls_record_info *start_marker_record;
@@ -1039,6 +1039,7 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
                iv_size = TLS_CIPHER_AES_GCM_128_IV_SIZE;
                iv = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->iv;
                rec_seq_size = TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE;
+               salt_size = TLS_CIPHER_AES_GCM_128_SALT_SIZE;
                rec_seq =
                 ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->rec_seq;
                break;
@@ -1059,6 +1060,7 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
        prot->tag_size = tag_size;
        prot->overhead_size = prot->prepend_size + prot->tag_size;
        prot->iv_size = iv_size;
+       prot->salt_size = salt_size;
        ctx->tx.iv = kmalloc(iv_size + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
                             GFP_KERNEL);
        if (!ctx->tx.iv) {
Unnamed repository; edit this file 'description' to name the repository.