aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/net/macsec.c
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2017-04-25 13:08:18 -0400
committerDavid S. Miller <davem@davemloft.net>2017-04-26 14:41:53 -0400
commit5294b83086cc1c35b4efeca03644cf9d12282e5b (patch)
tree52d523a44d35c124513537df45423bea4546d1a2 /drivers/net/macsec.c
parentb43bd72835a5f7adef81fe53fa1fbe7b0e43df8e (diff)
macsec: dynamically allocate space for sglist
We call skb_cow_data, which is good anyway to ensure we can actually modify the skb as such (another error from prior). Now that we have the number of fragments required, we can safely allocate exactly that amount of memory. Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver") Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Acked-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net/macsec.c')
-rw-r--r--drivers/net/macsec.c29
1 files changed, 22 insertions, 7 deletions
diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index dbab05afcdbe..49ce4e9f4a0f 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -617,7 +617,8 @@ static void macsec_encrypt_done(struct crypto_async_request *base, int err)
617 617
618static struct aead_request *macsec_alloc_req(struct crypto_aead *tfm, 618static struct aead_request *macsec_alloc_req(struct crypto_aead *tfm,
619 unsigned char **iv, 619 unsigned char **iv,
620 struct scatterlist **sg) 620 struct scatterlist **sg,
621 int num_frags)
621{ 622{
622 size_t size, iv_offset, sg_offset; 623 size_t size, iv_offset, sg_offset;
623 struct aead_request *req; 624 struct aead_request *req;
@@ -629,7 +630,7 @@ static struct aead_request *macsec_alloc_req(struct crypto_aead *tfm,
629 630
630 size = ALIGN(size, __alignof__(struct scatterlist)); 631 size = ALIGN(size, __alignof__(struct scatterlist));
631 sg_offset = size; 632 sg_offset = size;
632 size += sizeof(struct scatterlist) * (MAX_SKB_FRAGS + 1); 633 size += sizeof(struct scatterlist) * num_frags;
633 634
634 tmp = kmalloc(size, GFP_ATOMIC); 635 tmp = kmalloc(size, GFP_ATOMIC);
635 if (!tmp) 636 if (!tmp)
@@ -649,6 +650,7 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb,
649{ 650{
650 int ret; 651 int ret;
651 struct scatterlist *sg; 652 struct scatterlist *sg;
653 struct sk_buff *trailer;
652 unsigned char *iv; 654 unsigned char *iv;
653 struct ethhdr *eth; 655 struct ethhdr *eth;
654 struct macsec_eth_header *hh; 656 struct macsec_eth_header *hh;
@@ -723,7 +725,14 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb,
723 return ERR_PTR(-EINVAL); 725 return ERR_PTR(-EINVAL);
724 } 726 }
725 727
726 req = macsec_alloc_req(tx_sa->key.tfm, &iv, &sg); 728 ret = skb_cow_data(skb, 0, &trailer);
729 if (unlikely(ret < 0)) {
730 macsec_txsa_put(tx_sa);
731 kfree_skb(skb);
732 return ERR_PTR(ret);
733 }
734
735 req = macsec_alloc_req(tx_sa->key.tfm, &iv, &sg, ret);
727 if (!req) { 736 if (!req) {
728 macsec_txsa_put(tx_sa); 737 macsec_txsa_put(tx_sa);
729 kfree_skb(skb); 738 kfree_skb(skb);
@@ -732,7 +741,7 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb,
732 741
733 macsec_fill_iv(iv, secy->sci, pn); 742 macsec_fill_iv(iv, secy->sci, pn);
734 743
735 sg_init_table(sg, MAX_SKB_FRAGS + 1); 744 sg_init_table(sg, ret);
736 skb_to_sgvec(skb, sg, 0, skb->len); 745 skb_to_sgvec(skb, sg, 0, skb->len);
737 746
738 if (tx_sc->encrypt) { 747 if (tx_sc->encrypt) {
@@ -917,6 +926,7 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
917{ 926{
918 int ret; 927 int ret;
919 struct scatterlist *sg; 928 struct scatterlist *sg;
929 struct sk_buff *trailer;
920 unsigned char *iv; 930 unsigned char *iv;
921 struct aead_request *req; 931 struct aead_request *req;
922 struct macsec_eth_header *hdr; 932 struct macsec_eth_header *hdr;
@@ -927,7 +937,12 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
927 if (!skb) 937 if (!skb)
928 return ERR_PTR(-ENOMEM); 938 return ERR_PTR(-ENOMEM);
929 939
930 req = macsec_alloc_req(rx_sa->key.tfm, &iv, &sg); 940 ret = skb_cow_data(skb, 0, &trailer);
941 if (unlikely(ret < 0)) {
942 kfree_skb(skb);
943 return ERR_PTR(ret);
944 }
945 req = macsec_alloc_req(rx_sa->key.tfm, &iv, &sg, ret);
931 if (!req) { 946 if (!req) {
932 kfree_skb(skb); 947 kfree_skb(skb);
933 return ERR_PTR(-ENOMEM); 948 return ERR_PTR(-ENOMEM);
@@ -936,7 +951,7 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
936 hdr = (struct macsec_eth_header *)skb->data; 951 hdr = (struct macsec_eth_header *)skb->data;
937 macsec_fill_iv(iv, sci, ntohl(hdr->packet_number)); 952 macsec_fill_iv(iv, sci, ntohl(hdr->packet_number));
938 953
939 sg_init_table(sg, MAX_SKB_FRAGS + 1); 954 sg_init_table(sg, ret);
940 skb_to_sgvec(skb, sg, 0, skb->len); 955 skb_to_sgvec(skb, sg, 0, skb->len);
941 956
942 if (hdr->tci_an & MACSEC_TCI_E) { 957 if (hdr->tci_an & MACSEC_TCI_E) {
@@ -2716,7 +2731,7 @@ static netdev_tx_t macsec_start_xmit(struct sk_buff *skb,
2716} 2731}
2717 2732
2718#define MACSEC_FEATURES \ 2733#define MACSEC_FEATURES \
2719 (NETIF_F_SG | NETIF_F_HIGHDMA) 2734 (NETIF_F_SG | NETIF_F_HIGHDMA | NETIF_F_FRAGLIST)
2720static struct lock_class_key macsec_netdev_addr_lock_key; 2735static struct lock_class_key macsec_netdev_addr_lock_key;
2721 2736
2722static int macsec_dev_init(struct net_device *dev) 2737static int macsec_dev_init(struct net_device *dev)
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-16 06:12:32 -0400