Commit d31c0800 authored by Rohit Maheshwari's avatar Rohit Maheshwari Committed by Jakub Kicinski

net/tls: make sure tls offload sets salt_size

Recent changes made to remove AES constants started using protocol
aware salt_size. ctx->prot_info's salt_size is filled in tls sw case,
but not in tls offload mode, and was working so far because of the
hard coded value was used.

Fixes: 6942a284 ("net/tls: make inline helpers protocol-aware")
Signed-off-by: default avatarRohit Maheshwari <rohitm@chelsio.com>
Link: https://lore.kernel.org/r/20201201090752.27355-1-rohitm@chelsio.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent 3d2f670a
...@@ -998,7 +998,7 @@ static void tls_device_attach(struct tls_context *ctx, struct sock *sk, ...@@ -998,7 +998,7 @@ static void tls_device_attach(struct tls_context *ctx, struct sock *sk,
int tls_set_device_offload(struct sock *sk, struct tls_context *ctx) int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
{ {
u16 nonce_size, tag_size, iv_size, rec_seq_size; u16 nonce_size, tag_size, iv_size, rec_seq_size, salt_size;
struct tls_context *tls_ctx = tls_get_ctx(sk); struct tls_context *tls_ctx = tls_get_ctx(sk);
struct tls_prot_info *prot = &tls_ctx->prot_info; struct tls_prot_info *prot = &tls_ctx->prot_info;
struct tls_record_info *start_marker_record; struct tls_record_info *start_marker_record;
...@@ -1039,6 +1039,7 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx) ...@@ -1039,6 +1039,7 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
iv_size = TLS_CIPHER_AES_GCM_128_IV_SIZE; iv_size = TLS_CIPHER_AES_GCM_128_IV_SIZE;
iv = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->iv; iv = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->iv;
rec_seq_size = TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE; rec_seq_size = TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE;
salt_size = TLS_CIPHER_AES_GCM_128_SALT_SIZE;
rec_seq = rec_seq =
((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->rec_seq; ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->rec_seq;
break; break;
...@@ -1059,6 +1060,7 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx) ...@@ -1059,6 +1060,7 @@ int tls_set_device_offload(struct sock *sk, struct tls_context *ctx)
prot->tag_size = tag_size; prot->tag_size = tag_size;
prot->overhead_size = prot->prepend_size + prot->tag_size; prot->overhead_size = prot->prepend_size + prot->tag_size;
prot->iv_size = iv_size; prot->iv_size = iv_size;
prot->salt_size = salt_size;
ctx->tx.iv = kmalloc(iv_size + TLS_CIPHER_AES_GCM_128_SALT_SIZE, ctx->tx.iv = kmalloc(iv_size + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
GFP_KERNEL); GFP_KERNEL);
if (!ctx->tx.iv) { if (!ctx->tx.iv) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment