
tls: Only use data field in crypto completion function

The crypto_async_request passed to the completion is not guaranteed
to be the original request object. Only the data field can be relied
upon.

Fix this by storing the socket pointer with the AEAD request.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

+31 -11
+2
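--- a/net/tls/tls.h
+++ b/net/tls/tls.h
@@ -70,6 +70,8 @@
 char content_type;
 struct scatterlist sg_content_type;
 
+struct sock *sk;
+
 char aad_space[TLS_AAD_SPACE_SIZE];
 u8 iv_data[MAX_IV_SIZE];
 struct aead_request aead_req;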
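Review bot: The new `struct sock *sk` member is added without a comment saying who owns the pointer, and none of the visible hunks take a socket reference when `rec->sk = sk` is assigned in tls_sw.c. If the record is meant to borrow the socket for the lifetime of the pending encrypt request, a one-line comment such as `/* borrowed back-pointer read by tls_encrypt_done(); no reference held */` would make that explicit for anyone reasoning about use-after-free on the async path. Whether the pending-request accounting guarantees the socket outlives the record is not visible on this page. The struct definition starts and ends outside the hunk.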
+29 -11
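--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -38,6 +38,7 @@
 #include <linux/bug.h>
 #include <linux/sched/signal.h>
 #include <linux/module.h>
+#include <linux/kernel.h>
 #include <linux/splice.h>
 #include <crypto/aead.h>
 
@@ -57,6 +58,7 @@
 };
 
 struct tls_decrypt_ctx {
+struct sock *sk;
 u8 iv[MAX_IV_SIZE];
 u8 aad[TLS_MAX_AAD_SIZE];
 u8 tail;
@@ -177,18 +179,25 @@
 return sub;
 }
 
-static void tls_decrypt_done(struct crypto_async_request *req, int err)
+static void tls_decrypt_done(crypto_completion_data_t *data, int err)
 {
-struct aead_request *aead_req = (struct aead_request *)req;
+struct aead_request *aead_req = crypto_get_completion_data(data);
+struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
 struct scatterlist *sgout = aead_req->dst;
 struct scatterlist *sgin = aead_req->src;
 struct tls_sw_context_rx *ctx;
+struct tls_decrypt_ctx *dctx;
 struct tls_context *tls_ctx;
 struct scatterlist *sg;
 unsigned int pages;
 struct sock *sk;
+int aead_size;
 
-sk = (struct sock *)req->data;
+aead_size = sizeof(*aead_req) + crypto_aead_reqsize(aead);
+aead_size = ALIGN(aead_size, __alignof__(*dctx));
+dctx = (void *)((u8 *)aead_req + aead_size);
+
+sk = dctx->sk;
 tls_ctx = tls_get_ctx(sk);
 ctx = tls_sw_ctx_rx(tls_ctx);
 
@@ -240,7 +249,7 @@
 if (darg->async) {
 aead_request_set_callback(aead_req,
 CRYPTO_TFM_REQ_MAY_BACKLOG,
-tls_decrypt_done, sk);
+tls_decrypt_done, aead_req);
 atomic_inc(&ctx->decrypt_pending);
 } else {
 aead_request_set_callback(aead_req,
@@ -336,6 +345,8 @@
 sg_set_buf(&rec->sg_aead_out[0], rec->aad_space, prot->aad_size);
 sg_unmark_end(&rec->sg_aead_out[1]);
 
+rec->sk = sk;
+
 return rec;
 }
 
@@ -417,21 +428,26 @@
 return rc;
 }
 
-static void tls_encrypt_done(struct crypto_async_request *req, int err)
+static void tls_encrypt_done(crypto_completion_data_t *data, int err)
 {
-struct aead_request *aead_req = (struct aead_request *)req;
-struct sock *sk = req->data;
-struct tls_context *tls_ctx = tls_get_ctx(sk);
-struct tls_prot_info *prot = &tls_ctx->prot_info;
-struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
+struct aead_request *aead_req = crypto_get_completion_data(data);
+struct tls_sw_context_tx *ctx;
+struct tls_context *tls_ctx;
+struct tls_prot_info *prot;
 struct scatterlist *sge;
 struct sk_msg *msg_en;
 struct tls_rec *rec;
 bool ready = false;
+struct sock *sk;
 int pending;
 
 rec = container_of(aead_req, struct tls_rec, aead_req);
 msg_en = &rec->msg_encrypted;
+
+sk = rec->sk;
+tls_ctx = tls_get_ctx(sk);
+prot = &tls_ctx->prot_info;
+ctx = tls_sw_ctx_tx(tls_ctx);
 
 sge = sk_msg_elem(msg_en, msg_en->sg.curr);
 sge->offset -= prot->prepend_size;
@@ -520,7 +536,7 @@
 data_len, rec->iv_data);
 
 aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
-tls_encrypt_done, sk);
+tls_encrypt_done, aead_req);
 
 /* Add the record in tx_list */
 list_add_tail((struct list_head *)&rec->list, &ctx->tx_list);
@@ -1485,6 +1501,7 @@
 * Both structs are variable length.
 */
 aead_size = sizeof(*aead_req) + crypto_aead_reqsize(ctx->aead_recv);
+aead_size = ALIGN(aead_size, __alignof__(*dctx));
 mem = kmalloc(aead_size + struct_size(dctx, sg, n_sgin + n_sgout),
 sk->sk_allocation);
 if (!mem) {
@@ -1495,6 +1512,7 @@
 /* Segment the allocated memory */
 aead_req = (struct aead_request *)mem;
 dctx = (struct tls_decrypt_ctx *)(mem + aead_size);
+dctx->sk = sk;
 sgin = &dctx->sg[0];
 sgout = &dctx->sg[n_sgin];
 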
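Review bot: The offset of the decrypt context is now computed in two places that must agree exactly: `tls_decrypt_done()` derives `dctx` from `sizeof(*aead_req) + crypto_aead_reqsize(aead)` rounded with `ALIGN(aead_size, __alignof__(*dctx))`, and the `kmalloc` hunk repeats the same arithmetic using `ctx->aead_recv`. If one site is changed without the other, the callback reads `dctx->sk` from the wrong address and then dereferences it through `tls_get_ctx(sk)`. I would move the computation into one small static helper used by both sites, or at least add a comment at each, e.g. `/* layout: aead_request + reqsize, padded to __alignof__(*dctx), then tls_decrypt_ctx; keep in sync with tls_decrypt_done() */`. The two sites also obtain the tfm differently (`crypto_aead_reqtfm(aead_req)` versus `ctx->aead_recv`); they are presumably the same object, but the comment should state that assumption. Both functions extend beyond the lines shown.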