From: Sabrina Dubroca <sd@queasysnail.net>
Date: Fri, 25 Aug 2023 23:35:16 +0200
Subject: tls: allocate the fallback aead after checking that the cipher is
valid
Patch-mainline: v6.6-rc1
Git-commit: d2322cf5ed59f084ac86d9339f7c3acccd177bfd
References: jsc#PED-6831
No need to allocate the aead if we're going to fail afterwards.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://lore.kernel.org/r/335e32511ed55a0b30f3f81a78fa8f323b3bdf8f.1692977948.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
net/tls/tls_device_fallback.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
--- a/net/tls/tls_device_fallback.c
+++ b/net/tls/tls_device_fallback.c
@@ -475,15 +475,6 @@ int tls_sw_fallback_init(struct sock *sk
const u8 *key;
int rc;
- offload_ctx->aead_send =
- crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
- if (IS_ERR(offload_ctx->aead_send)) {
- rc = PTR_ERR(offload_ctx->aead_send);
- pr_err_ratelimited("crypto_alloc_aead failed rc=%d\n", rc);
- offload_ctx->aead_send = NULL;
- goto err_out;
- }
-
switch (crypto_info->cipher_type) {
case TLS_CIPHER_AES_GCM_128:
key = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->key;
@@ -493,10 +484,19 @@ int tls_sw_fallback_init(struct sock *sk
break;
default:
rc = -EINVAL;
- goto free_aead;
+ goto err_out;
}
cipher_desc = get_cipher_desc(crypto_info->cipher_type);
+ offload_ctx->aead_send =
+ crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
+ if (IS_ERR(offload_ctx->aead_send)) {
+ rc = PTR_ERR(offload_ctx->aead_send);
+ pr_err_ratelimited("crypto_alloc_aead failed rc=%d\n", rc);
+ offload_ctx->aead_send = NULL;
+ goto err_out;
+ }
+
rc = crypto_aead_setkey(offload_ctx->aead_send, key, cipher_desc->key);
if (rc)
goto free_aead;