diff options
author | Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-04-10 11:04:30 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2019-04-10 13:07:02 -0700 |
commit | 5a03bc73abed6ae196c15e9950afde19d48be12c (patch) | |
tree | 110a8cd0a4c14b501405f0f466cb40bfae951db5 | |
parent | f4a58857151f5d0a885fcebb47f6fb1b17dfda9a (diff) | |
download | lwn-5a03bc73abed6ae196c15e9950afde19d48be12c.tar.gz lwn-5a03bc73abed6ae196c15e9950afde19d48be12c.zip |
net/tls: fix the IV leaks
Commit f66de3ee2c16 ("net/tls: Split conf to rx + tx") made
freeing of IV and record sequence number conditional to SW
path only, but commit e8f69799810c ("net/tls: Add generic NIC
offload infrastructure") also allocates that state for the
device offload configuration. Remember to free it.
Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/tls/tls_device.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index 135a7ee9db03..38b3b2a9835a 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -52,8 +52,11 @@ static DEFINE_SPINLOCK(tls_device_lock); static void tls_device_free_ctx(struct tls_context *ctx) { - if (ctx->tx_conf == TLS_HW) + if (ctx->tx_conf == TLS_HW) { kfree(tls_offload_ctx_tx(ctx)); + kfree(ctx->tx.rec_seq); + kfree(ctx->tx.iv); + } if (ctx->rx_conf == TLS_HW) kfree(tls_offload_ctx_rx(ctx)); |