net/tls: don't leak IV and record seq when offload fails - linux/linux-stable.git

diff options

author	Jakub Kicinski <jakub.kicinski@netronome.com>	2019-04-19 16:52:19 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2019-05-02 09:59:01 +0200
commit	53db652324283624970355fab09c3bc4190c57e6 (patch)
tree	e4a6190c051e75c1d83057d256ac05acabcf3d6a /scripts/selinux/genheaders/genheaders.c
parent	d3bdd359fa53c1d577bc96677474c43bfb9090bd (diff)

net/tls: don't leak IV and record seq when offload fails

[ Upstream commit 12c7686111326148b4b5db189130522a4ad1be4a ] When device refuses the offload in tls_set_device_offload_rx() it calls tls_sw_free_resources_rx() to clean up software context state. Unfortunately, tls_sw_free_resources_rx() does not free all the state tls_set_sw_offload() allocated - it leaks IV and sequence number buffers. All other code paths which lead to tls_sw_release_resources_rx() (which tls_sw_free_resources_rx() calls) free those right before the call. Avoid the leak by moving freeing of iv and rec_seq into tls_sw_release_resources_rx(). Fixes: 4799ac81e52a ("tls: Add rx inline crypto offload") Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'scripts/selinux/genheaders/genheaders.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: