diff options
| author | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-04-25 13:08:18 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-05-14 08:00:20 -0400 |
| commit | 3b0129d4111e53927c2bc3c6b78a2b12ad71268b (patch) | |
| tree | 94bc9edad6345508238e53b55caa55ac9f295ab7 | |
| parent | 22d6b013ffcf4809b4fe03b240855c6f8eb54599 (diff) | |
macsec: dynamically allocate space for sglist
[ Upstream commit 5294b83086cc1c35b4efeca03644cf9d12282e5b ]
We call skb_cow_data, which is good anyway to ensure we can actually
modify the skb as such (another error from prior). Now that we have the
number of fragments required, we can safely allocate exactly that amount
of memory.
Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Acked-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | drivers/net/macsec.c | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index f7c6a40aae81..a5d66e205bb2 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c | |||
| @@ -617,7 +617,8 @@ static void macsec_encrypt_done(struct crypto_async_request *base, int err) | |||
| 617 | 617 | ||
| 618 | static struct aead_request *macsec_alloc_req(struct crypto_aead *tfm, | 618 | static struct aead_request *macsec_alloc_req(struct crypto_aead *tfm, |
| 619 | unsigned char **iv, | 619 | unsigned char **iv, |
| 620 | struct scatterlist **sg) | 620 | struct scatterlist **sg, |
| 621 | int num_frags) | ||
| 621 | { | 622 | { |
| 622 | size_t size, iv_offset, sg_offset; | 623 | size_t size, iv_offset, sg_offset; |
| 623 | struct aead_request *req; | 624 | struct aead_request *req; |
| @@ -629,7 +630,7 @@ static struct aead_request *macsec_alloc_req(struct crypto_aead *tfm, | |||
| 629 | 630 | ||
| 630 | size = ALIGN(size, __alignof__(struct scatterlist)); | 631 | size = ALIGN(size, __alignof__(struct scatterlist)); |
| 631 | sg_offset = size; | 632 | sg_offset = size; |
| 632 | size += sizeof(struct scatterlist) * (MAX_SKB_FRAGS + 1); | 633 | size += sizeof(struct scatterlist) * num_frags; |
| 633 | 634 | ||
| 634 | tmp = kmalloc(size, GFP_ATOMIC); | 635 | tmp = kmalloc(size, GFP_ATOMIC); |
| 635 | if (!tmp) | 636 | if (!tmp) |
| @@ -649,6 +650,7 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb, | |||
| 649 | { | 650 | { |
| 650 | int ret; | 651 | int ret; |
| 651 | struct scatterlist *sg; | 652 | struct scatterlist *sg; |
| 653 | struct sk_buff *trailer; | ||
| 652 | unsigned char *iv; | 654 | unsigned char *iv; |
| 653 | struct ethhdr *eth; | 655 | struct ethhdr *eth; |
| 654 | struct macsec_eth_header *hh; | 656 | struct macsec_eth_header *hh; |
| @@ -723,7 +725,14 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb, | |||
| 723 | return ERR_PTR(-EINVAL); | 725 | return ERR_PTR(-EINVAL); |
| 724 | } | 726 | } |
| 725 | 727 | ||
| 726 | req = macsec_alloc_req(tx_sa->key.tfm, &iv, &sg); | 728 | ret = skb_cow_data(skb, 0, &trailer); |
| 729 | if (unlikely(ret < 0)) { | ||
| 730 | macsec_txsa_put(tx_sa); | ||
| 731 | kfree_skb(skb); | ||
| 732 | return ERR_PTR(ret); | ||
| 733 | } | ||
| 734 | |||
| 735 | req = macsec_alloc_req(tx_sa->key.tfm, &iv, &sg, ret); | ||
| 727 | if (!req) { | 736 | if (!req) { |
| 728 | macsec_txsa_put(tx_sa); | 737 | macsec_txsa_put(tx_sa); |
| 729 | kfree_skb(skb); | 738 | kfree_skb(skb); |
| @@ -732,7 +741,7 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb, | |||
| 732 | 741 | ||
| 733 | macsec_fill_iv(iv, secy->sci, pn); | 742 | macsec_fill_iv(iv, secy->sci, pn); |
| 734 | 743 | ||
| 735 | sg_init_table(sg, MAX_SKB_FRAGS + 1); | 744 | sg_init_table(sg, ret); |
| 736 | skb_to_sgvec(skb, sg, 0, skb->len); | 745 | skb_to_sgvec(skb, sg, 0, skb->len); |
| 737 | 746 | ||
| 738 | if (tx_sc->encrypt) { | 747 | if (tx_sc->encrypt) { |
| @@ -914,6 +923,7 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb, | |||
| 914 | { | 923 | { |
| 915 | int ret; | 924 | int ret; |
| 916 | struct scatterlist *sg; | 925 | struct scatterlist *sg; |
| 926 | struct sk_buff *trailer; | ||
| 917 | unsigned char *iv; | 927 | unsigned char *iv; |
| 918 | struct aead_request *req; | 928 | struct aead_request *req; |
| 919 | struct macsec_eth_header *hdr; | 929 | struct macsec_eth_header *hdr; |
| @@ -924,7 +934,12 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb, | |||
| 924 | if (!skb) | 934 | if (!skb) |
| 925 | return ERR_PTR(-ENOMEM); | 935 | return ERR_PTR(-ENOMEM); |
| 926 | 936 | ||
| 927 | req = macsec_alloc_req(rx_sa->key.tfm, &iv, &sg); | 937 | ret = skb_cow_data(skb, 0, &trailer); |
| 938 | if (unlikely(ret < 0)) { | ||
| 939 | kfree_skb(skb); | ||
| 940 | return ERR_PTR(ret); | ||
| 941 | } | ||
| 942 | req = macsec_alloc_req(rx_sa->key.tfm, &iv, &sg, ret); | ||
| 928 | if (!req) { | 943 | if (!req) { |
| 929 | kfree_skb(skb); | 944 | kfree_skb(skb); |
| 930 | return ERR_PTR(-ENOMEM); | 945 | return ERR_PTR(-ENOMEM); |
| @@ -933,7 +948,7 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb, | |||
| 933 | hdr = (struct macsec_eth_header *)skb->data; | 948 | hdr = (struct macsec_eth_header *)skb->data; |
| 934 | macsec_fill_iv(iv, sci, ntohl(hdr->packet_number)); | 949 | macsec_fill_iv(iv, sci, ntohl(hdr->packet_number)); |
| 935 | 950 | ||
| 936 | sg_init_table(sg, MAX_SKB_FRAGS + 1); | 951 | sg_init_table(sg, ret); |
| 937 | skb_to_sgvec(skb, sg, 0, skb->len); | 952 | skb_to_sgvec(skb, sg, 0, skb->len); |
| 938 | 953 | ||
| 939 | if (hdr->tci_an & MACSEC_TCI_E) { | 954 | if (hdr->tci_an & MACSEC_TCI_E) { |
| @@ -2709,7 +2724,7 @@ static netdev_tx_t macsec_start_xmit(struct sk_buff *skb, | |||
| 2709 | } | 2724 | } |
| 2710 | 2725 | ||
| 2711 | #define MACSEC_FEATURES \ | 2726 | #define MACSEC_FEATURES \ |
| 2712 | (NETIF_F_SG | NETIF_F_HIGHDMA) | 2727 | (NETIF_F_SG | NETIF_F_HIGHDMA | NETIF_F_FRAGLIST) |
| 2713 | static struct lock_class_key macsec_netdev_addr_lock_key; | 2728 | static struct lock_class_key macsec_netdev_addr_lock_key; |
| 2714 | 2729 | ||
| 2715 | static int macsec_dev_init(struct net_device *dev) | 2730 | static int macsec_dev_init(struct net_device *dev) |