summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Kicinski <jakub.kicinski@netronome.com>2019-04-10 11:04:30 -0700
committerDavid S. Miller <davem@davemloft.net>2019-04-10 13:07:02 -0700
commit5a03bc73abed6ae196c15e9950afde19d48be12c (patch)
tree110a8cd0a4c14b501405f0f466cb40bfae951db5
parentf4a58857151f5d0a885fcebb47f6fb1b17dfda9a (diff)
downloadlwn-5a03bc73abed6ae196c15e9950afde19d48be12c.tar.gz
lwn-5a03bc73abed6ae196c15e9950afde19d48be12c.zip
net/tls: fix the IV leaks
Commit f66de3ee2c16 ("net/tls: Split conf to rx + tx") made freeing of IV and record sequence number conditional to SW path only, but commit e8f69799810c ("net/tls: Add generic NIC offload infrastructure") also allocates that state for the device offload configuration. Remember to free it. Fixes: e8f69799810c ("net/tls: Add generic NIC offload infrastructure") Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/tls/tls_device.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 135a7ee9db03..38b3b2a9835a 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -52,8 +52,11 @@ static DEFINE_SPINLOCK(tls_device_lock);
static void tls_device_free_ctx(struct tls_context *ctx)
{
- if (ctx->tx_conf == TLS_HW)
+ if (ctx->tx_conf == TLS_HW) {
kfree(tls_offload_ctx_tx(ctx));
+ kfree(ctx->tx.rec_seq);
+ kfree(ctx->tx.iv);
+ }
if (ctx->rx_conf == TLS_HW)
kfree(tls_offload_ctx_rx(ctx));