summaryrefslogtreecommitdiff
path: root/net/tls
diff options
context:
space:
mode:
authorJakub Kicinski <jakub.kicinski@netronome.com>2019-04-10 11:04:30 -0700
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2019-05-16 19:41:27 +0200
commit85b9e8694f9c03d508398bdb930e7d2109d07855 (patch)
treebca9f3fcf6af2fab08eabd5122c7b568f1b83067 /net/tls
parente38c6748d1ccf4b0651750289389168de722e934 (diff)
downloadlinux-rt-85b9e8694f9c03d508398bdb930e7d2109d07855.tar.gz
net/tls: fix the IV leaks
[ Upstream commit 5a03bc73abed6ae196c15e9950afde19d48be12c ] Commit f66de3ee2c16 ("net/tls: Split conf to rx + tx") made freeing of IV and record sequence number conditional to SW path only, but commit e8f69799810c ("net/tls: Add generic NIC offload infrastructure") also allocates that state for the device offload configuration. Remember to free it. Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure") Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Diffstat (limited to 'net/tls')
-rw-r--r--net/tls/tls_device.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index f4a19eac975d..fdf22cb0b3e6 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -52,8 +52,11 @@ static DEFINE_SPINLOCK(tls_device_lock);
static void tls_device_free_ctx(struct tls_context *ctx)
{
- if (ctx->tx_conf == TLS_HW)
+ if (ctx->tx_conf == TLS_HW) {
kfree(tls_offload_ctx_tx(ctx));
+ kfree(ctx->tx.rec_seq);
+ kfree(ctx->tx.iv);
+ }
if (ctx->rx_conf == TLS_HW)
kfree(tls_offload_ctx_rx(ctx));