4 files changed, 52 insertions, 44 deletions
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index 1543e39f47c3..912eb1685a5d 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -27,9 +27,9 @@
 *   Vlad Yasevich     <vladislav.yasevich@hp.com>
 */
+#include <crypto/hash.h>
 #include <linux/slab.h>
 #include <linux/types.h>
-#include <linux/crypto.h>
 #include <linux/scatterlist.h>
 #include <net/sctp/sctp.h>
 #include <net/sctp/auth.h>
@@ -448,7 +448,7 @@ struct sctp_shared_key *sctp_auth_get_shkey(
 */
 int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
 {
-        struct crypto_hash *tfm = NULL;
+        struct crypto_shash *tfm = NULL;
        __u16   id;
        /* If AUTH extension is disabled, we are done */
@@ -462,9 +462,8 @@ int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
                return 0;
        /* Allocated the array of pointers to transorms */
-        ep->auth_hmacs = kzalloc(
+        ep->auth_hmacs = kzalloc(sizeof(struct crypto_shash *) *
-                            sizeof(struct crypto_hash *) * SCTP_AUTH_NUM_HMACS,
+                                 SCTP_AUTH_NUM_HMACS, gfp);
-                            gfp);
        if (!ep->auth_hmacs)
                return -ENOMEM;
@@ -483,8 +482,7 @@ int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
                        continue;
                /* Allocate the ID */
-                tfm = crypto_alloc_hash(sctp_hmac_list[id].hmac_name, 0,
+                tfm = crypto_alloc_shash(sctp_hmac_list[id].hmac_name, 0, 0);
-                                        CRYPTO_ALG_ASYNC);
                if (IS_ERR(tfm))
                        goto out_err;
@@ -500,7 +498,7 @@ out_err:
 }
 /* Destroy the hmac tfm array */
-void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[])
+void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[])
 {
        int i;
@@ -508,8 +506,7 @@ void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[])
                return;
        for (i = 0; i < SCTP_AUTH_NUM_HMACS; i++) {
-                if (auth_hmacs[i])
+                crypto_free_shash(auth_hmacs[i]);
-                        crypto_free_hash(auth_hmacs[i]);
        }
        kfree(auth_hmacs);
 }
@@ -709,8 +706,7 @@ void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
                              struct sctp_auth_chunk *auth,
                              gfp_t gfp)
 {
-        struct scatterlist sg;
+        struct crypto_shash *tfm;
-        struct hash_desc desc;
        struct sctp_auth_bytes *asoc_key;
        __u16 key_id, hmac_id;
        __u8 *digest;
@@ -742,16 +738,22 @@ void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
        /* set up scatter list */
        end = skb_tail_pointer(skb);
-        sg_init_one(&sg, auth, end - (unsigned char *)auth);
-        desc.tfm = asoc->ep->auth_hmacs[hmac_id];
+        tfm = asoc->ep->auth_hmacs[hmac_id];
-        desc.flags = 0;
        digest = auth->auth_hdr.hmac;
-        if (crypto_hash_setkey(desc.tfm, &asoc_key->data[0], asoc_key->len))
+        if (crypto_shash_setkey(tfm, &asoc_key->data[0], asoc_key->len))
                goto free;
-        crypto_hash_digest(&desc, &sg, sg.length, digest);
+        {
+                SHASH_DESC_ON_STACK(desc, tfm);
+                desc->tfm = tfm;
+                desc->flags = 0;
+                crypto_shash_digest(desc, (u8 *)auth,
+                                    end - (unsigned char *)auth, digest);
+                shash_desc_zero(desc);
+        }
 free:
        if (free_key)
diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c
index 2522a6175291..9d494e35e7f9 100644
--- a/net/sctp/endpointola.c
+++ b/net/sctp/endpointola.c
@@ -42,7 +42,6 @@
 #include <linux/slab.h>
 #include <linux/in.h>
 #include <linux/random.h>       /* get_random_bytes() */
-#include <linux/crypto.h>
 #include <net/sock.h>
 #include <net/ipv6.h>
 #include <net/sctp/sctp.h>
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 5d6a03fad378..1296e555fe29 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -45,6 +45,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+#include <crypto/hash.h>
 #include <linux/types.h>
 #include <linux/kernel.h>
 #include <linux/ip.h>
@@ -52,7 +53,6 @@
 #include <linux/net.h>
 #include <linux/inet.h>
 #include <linux/scatterlist.h>
-#include <linux/crypto.h>
 #include <linux/slab.h>
 #include <net/sock.h>
@@ -1606,7 +1606,6 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
 {
        sctp_cookie_param_t *retval;
        struct sctp_signed_cookie *cookie;
-        struct scatterlist sg;
        int headersize, bodysize;
        /* Header size is static data prior to the actual cookie, including
@@ -1663,16 +1662,19 @@ static sctp_cookie_param_t *sctp_pack_cookie(const struct sctp_endpoint *ep,
               ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len);
        if (sctp_sk(ep->base.sk)->hmac) {
-                struct hash_desc desc;
+                SHASH_DESC_ON_STACK(desc, sctp_sk(ep->base.sk)->hmac);
+                int err;
                /* Sign the message.  */
-                sg_init_one(&sg, &cookie->c, bodysize);
+                desc->tfm = sctp_sk(ep->base.sk)->hmac;
-                desc.tfm = sctp_sk(ep->base.sk)->hmac;
+                desc->flags = 0;
-                desc.flags = 0;
+                err = crypto_shash_setkey(desc->tfm, ep->secret_key,
-                if (crypto_hash_setkey(desc.tfm, ep->secret_key,
+                                          sizeof(ep->secret_key)) ?:
-                                       sizeof(ep->secret_key)) ||
+                      crypto_shash_digest(desc, (u8 *)&cookie->c, bodysize,
-                    crypto_hash_digest(&desc, &sg, bodysize, cookie->signature))
+                                          cookie->signature);
+                shash_desc_zero(desc);
+                if (err)
                        goto free_cookie;
        }
@@ -1697,12 +1699,10 @@ struct sctp_association *sctp_unpack_cookie(
        struct sctp_cookie *bear_cookie;
        int headersize, bodysize, fixed_size;
        __u8 *digest = ep->digest;
-        struct scatterlist sg;
        unsigned int len;
        sctp_scope_t scope;
        struct sk_buff *skb = chunk->skb;
        ktime_t kt;
-        struct hash_desc desc;
        /* Header size is static data prior to the actual cookie, including
         * any padding.
@@ -1733,16 +1733,23 @@ struct sctp_association *sctp_unpack_cookie(
                goto no_hmac;
        /* Check the signature.  */
-        sg_init_one(&sg, bear_cookie, bodysize);
+        {
-        desc.tfm = sctp_sk(ep->base.sk)->hmac;
+                SHASH_DESC_ON_STACK(desc, sctp_sk(ep->base.sk)->hmac);
-        desc.flags = 0;
+                int err;
-        memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
+                desc->tfm = sctp_sk(ep->base.sk)->hmac;
-        if (crypto_hash_setkey(desc.tfm, ep->secret_key,
+                desc->flags = 0;
-                               sizeof(ep->secret_key)) ||
-            crypto_hash_digest(&desc, &sg, bodysize, digest)) {
+                err = crypto_shash_setkey(desc->tfm, ep->secret_key,
-                *error = -SCTP_IERROR_NOMEM;
+                                          sizeof(ep->secret_key)) ?:
-                goto fail;
+                      crypto_shash_digest(desc, (u8 *)bear_cookie, bodysize,
+                                          digest);
+                shash_desc_zero(desc);
+                if (err) {
+                        *error = -SCTP_IERROR_NOMEM;
+                        goto fail;
+                }
        }
        if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 9bb80ec4c08f..4101c5b653d0 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -52,6 +52,7 @@
 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+#include <crypto/hash.h>
 #include <linux/types.h>
 #include <linux/kernel.h>
 #include <linux/wait.h>
@@ -61,7 +62,6 @@
 #include <linux/fcntl.h>
 #include <linux/poll.h>
 #include <linux/init.h>
-#include <linux/crypto.h>
 #include <linux/slab.h>
 #include <linux/file.h>
 #include <linux/compat.h>
@@ -4160,7 +4160,7 @@ static void sctp_destruct_sock(struct sock *sk)
        struct sctp_sock *sp = sctp_sk(sk);
        /* Free up the HMAC transform. */
-        crypto_free_hash(sp->hmac);
+        crypto_free_shash(sp->hmac);
        inet_sock_destruct(sk);
 }
@@ -6299,13 +6299,13 @@ static int sctp_listen_start(struct sock *sk, int backlog)
 {
        struct sctp_sock *sp = sctp_sk(sk);
        struct sctp_endpoint *ep = sp->ep;
-        struct crypto_hash *tfm = NULL;
+        struct crypto_shash *tfm = NULL;
        char alg[32];
        /* Allocate HMAC for generating cookie. */
        if (!sp->hmac && sp->sctp_hmac_alg) {
                sprintf(alg, "hmac(%s)", sp->sctp_hmac_alg);
-                tfm = crypto_alloc_hash(alg, 0, CRYPTO_ALG_ASYNC);
+                tfm = crypto_alloc_shash(alg, 0, 0);
                if (IS_ERR(tfm)) {
                        net_info_ratelimited("failed to load transform for %s: %ld\n",
                                             sp->sctp_hmac_alg, PTR_ERR(tfm));

diff --git a/net/sctp/auth.c b/net/sctp/auth.c index 1543e39f47c3..912eb1685a5d 100644 --- a/net/sctp/auth.c +++ b/net/sctp/auth.c
@@ -27,9 +27,9 @@
27	* Vlad Yasevich <vladislav.yasevich@hp.com>	27	* Vlad Yasevich <vladislav.yasevich@hp.com>
28	*/	28	*/
29		29
		30	#include <crypto/hash.h>
30	#include <linux/slab.h>	31	#include <linux/slab.h>
31	#include <linux/types.h>	32	#include <linux/types.h>
32	#include <linux/crypto.h>
33	#include <linux/scatterlist.h>	33	#include <linux/scatterlist.h>
34	#include <net/sctp/sctp.h>	34	#include <net/sctp/sctp.h>
35	#include <net/sctp/auth.h>	35	#include <net/sctp/auth.h>
@@ -448,7 +448,7 @@ struct sctp_shared_key *sctp_auth_get_shkey(
448	*/	448	*/
449	int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)	449	int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
450	{	450	{
451	struct crypto_hash *tfm = NULL;	451	struct crypto_shash *tfm = NULL;
452	__u16 id;	452	__u16 id;
453		453
454	/* If AUTH extension is disabled, we are done */	454	/* If AUTH extension is disabled, we are done */
@@ -462,9 +462,8 @@ int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
462	return 0;	462	return 0;
463		463
464	/* Allocated the array of pointers to transorms */	464	/* Allocated the array of pointers to transorms */
465	ep->auth_hmacs = kzalloc(	465	ep->auth_hmacs = kzalloc(sizeof(struct crypto_shash )
466	sizeof(struct crypto_hash ) SCTP_AUTH_NUM_HMACS,	466	SCTP_AUTH_NUM_HMACS, gfp);
467	gfp);
468	if (!ep->auth_hmacs)	467	if (!ep->auth_hmacs)
469	return -ENOMEM;	468	return -ENOMEM;
470		469
@@ -483,8 +482,7 @@ int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp)
483	continue;	482	continue;
484		483
485	/* Allocate the ID */	484	/* Allocate the ID */
486	tfm = crypto_alloc_hash(sctp_hmac_list[id].hmac_name, 0,	485	tfm = crypto_alloc_shash(sctp_hmac_list[id].hmac_name, 0, 0);
487	CRYPTO_ALG_ASYNC);
488	if (IS_ERR(tfm))	486	if (IS_ERR(tfm))
489	goto out_err;	487	goto out_err;
490		488
@@ -500,7 +498,7 @@ out_err:
500	}	498	}
501		499
502	/* Destroy the hmac tfm array */	500	/* Destroy the hmac tfm array */
503	void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[])	501	void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[])
504	{	502	{
505	int i;	503	int i;
506		504
@@ -508,8 +506,7 @@ void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[])
508	return;	506	return;
509		507
510	for (i = 0; i < SCTP_AUTH_NUM_HMACS; i++) {	508	for (i = 0; i < SCTP_AUTH_NUM_HMACS; i++) {
511	if (auth_hmacs[i])	509	crypto_free_shash(auth_hmacs[i]);
512	crypto_free_hash(auth_hmacs[i]);
513	}	510	}
514	kfree(auth_hmacs);	511	kfree(auth_hmacs);
515	}	512	}
@@ -709,8 +706,7 @@ void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
709	struct sctp_auth_chunk *auth,	706	struct sctp_auth_chunk *auth,
710	gfp_t gfp)	707	gfp_t gfp)
711	{	708	{
712	struct scatterlist sg;	709	struct crypto_shash *tfm;
713	struct hash_desc desc;
714	struct sctp_auth_bytes *asoc_key;	710	struct sctp_auth_bytes *asoc_key;
715	__u16 key_id, hmac_id;	711	__u16 key_id, hmac_id;
716	__u8 *digest;	712	__u8 *digest;
@@ -742,16 +738,22 @@ void sctp_auth_calculate_hmac(const struct sctp_association *asoc,
742		738
743	/* set up scatter list */	739	/* set up scatter list */
744	end = skb_tail_pointer(skb);	740	end = skb_tail_pointer(skb);
745	sg_init_one(&sg, auth, end - (unsigned char *)auth);
746		741
747	desc.tfm = asoc->ep->auth_hmacs[hmac_id];	742	tfm = asoc->ep->auth_hmacs[hmac_id];
748	desc.flags = 0;
749		743
750	digest = auth->auth_hdr.hmac;	744	digest = auth->auth_hdr.hmac;
751	if (crypto_hash_setkey(desc.tfm, &asoc_key->data[0], asoc_key->len))	745	if (crypto_shash_setkey(tfm, &asoc_key->data[0], asoc_key->len))
752	goto free;	746	goto free;
753		747
754	crypto_hash_digest(&desc, &sg, sg.length, digest);	748	{
		749	SHASH_DESC_ON_STACK(desc, tfm);
		750
		751	desc->tfm = tfm;
		752	desc->flags = 0;
		753	crypto_shash_digest(desc, (u8 *)auth,
		754	end - (unsigned char *)auth, digest);
		755	shash_desc_zero(desc);
		756	}
755		757
756	free:	758	free:
757	if (free_key)	759	if (free_key)


diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c index 2522a6175291..9d494e35e7f9 100644 --- a/net/sctp/endpointola.c +++ b/net/sctp/endpointola.c
@@ -42,7 +42,6 @@
42	#include <linux/slab.h>	42	#include <linux/slab.h>
43	#include <linux/in.h>	43	#include <linux/in.h>
44	#include <linux/random.h> /* get_random_bytes() */	44	#include <linux/random.h> /* get_random_bytes() */
45	#include <linux/crypto.h>
46	#include <net/sock.h>	45	#include <net/sock.h>
47	#include <net/ipv6.h>	46	#include <net/ipv6.h>
48	#include <net/sctp/sctp.h>	47	#include <net/sctp/sctp.h>


diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 5d6a03fad378..1296e555fe29 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c
@@ -45,6 +45,7 @@
45		45
46	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt	46	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
47		47
		48	#include <crypto/hash.h>
48	#include <linux/types.h>	49	#include <linux/types.h>
49	#include <linux/kernel.h>	50	#include <linux/kernel.h>
50	#include <linux/ip.h>	51	#include <linux/ip.h>
@@ -52,7 +53,6 @@
52	#include <linux/net.h>	53	#include <linux/net.h>
53	#include <linux/inet.h>	54	#include <linux/inet.h>
54	#include <linux/scatterlist.h>	55	#include <linux/scatterlist.h>
55	#include <linux/crypto.h>
56	#include <linux/slab.h>	56	#include <linux/slab.h>
57	#include <net/sock.h>	57	#include <net/sock.h>
58		58
@@ -1606,7 +1606,6 @@ static sctp_cookie_param_t sctp_pack_cookie(const struct sctp_endpoint ep,
1606	{	1606	{
1607	sctp_cookie_param_t *retval;	1607	sctp_cookie_param_t *retval;
1608	struct sctp_signed_cookie *cookie;	1608	struct sctp_signed_cookie *cookie;
1609	struct scatterlist sg;
1610	int headersize, bodysize;	1609	int headersize, bodysize;
1611		1610
1612	/* Header size is static data prior to the actual cookie, including	1611	/* Header size is static data prior to the actual cookie, including
@@ -1663,16 +1662,19 @@ static sctp_cookie_param_t sctp_pack_cookie(const struct sctp_endpoint ep,
1663	ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len);	1662	ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len);
1664		1663
1665	if (sctp_sk(ep->base.sk)->hmac) {	1664	if (sctp_sk(ep->base.sk)->hmac) {
1666	struct hash_desc desc;	1665	SHASH_DESC_ON_STACK(desc, sctp_sk(ep->base.sk)->hmac);
		1666	int err;
1667		1667
1668	/* Sign the message. */	1668	/* Sign the message. */
1669	sg_init_one(&sg, &cookie->c, bodysize);	1669	desc->tfm = sctp_sk(ep->base.sk)->hmac;
1670	desc.tfm = sctp_sk(ep->base.sk)->hmac;	1670	desc->flags = 0;
1671	desc.flags = 0;	1671
1672		1672	err = crypto_shash_setkey(desc->tfm, ep->secret_key,
1673	if (crypto_hash_setkey(desc.tfm, ep->secret_key,	1673	sizeof(ep->secret_key)) ?:
1674	sizeof(ep->secret_key)) \|\|	1674	crypto_shash_digest(desc, (u8 *)&cookie->c, bodysize,
1675	crypto_hash_digest(&desc, &sg, bodysize, cookie->signature))	1675	cookie->signature);
		1676	shash_desc_zero(desc);
		1677	if (err)
1676	goto free_cookie;	1678	goto free_cookie;
1677	}	1679	}
1678		1680
@@ -1697,12 +1699,10 @@ struct sctp_association *sctp_unpack_cookie(
1697	struct sctp_cookie *bear_cookie;	1699	struct sctp_cookie *bear_cookie;
1698	int headersize, bodysize, fixed_size;	1700	int headersize, bodysize, fixed_size;
1699	__u8 *digest = ep->digest;	1701	__u8 *digest = ep->digest;
1700	struct scatterlist sg;
1701	unsigned int len;	1702	unsigned int len;
1702	sctp_scope_t scope;	1703	sctp_scope_t scope;
1703	struct sk_buff *skb = chunk->skb;	1704	struct sk_buff *skb = chunk->skb;
1704	ktime_t kt;	1705	ktime_t kt;
1705	struct hash_desc desc;
1706		1706
1707	/* Header size is static data prior to the actual cookie, including	1707	/* Header size is static data prior to the actual cookie, including
1708	* any padding.	1708	* any padding.
@@ -1733,16 +1733,23 @@ struct sctp_association *sctp_unpack_cookie(
1733	goto no_hmac;	1733	goto no_hmac;
1734		1734
1735	/* Check the signature. */	1735	/* Check the signature. */
1736	sg_init_one(&sg, bear_cookie, bodysize);	1736	{
1737	desc.tfm = sctp_sk(ep->base.sk)->hmac;	1737	SHASH_DESC_ON_STACK(desc, sctp_sk(ep->base.sk)->hmac);
1738	desc.flags = 0;	1738	int err;
1739		1739
1740	memset(digest, 0x00, SCTP_SIGNATURE_SIZE);	1740	desc->tfm = sctp_sk(ep->base.sk)->hmac;
1741	if (crypto_hash_setkey(desc.tfm, ep->secret_key,	1741	desc->flags = 0;
1742	sizeof(ep->secret_key)) \|\|	1742
1743	crypto_hash_digest(&desc, &sg, bodysize, digest)) {	1743	err = crypto_shash_setkey(desc->tfm, ep->secret_key,
1744	*error = -SCTP_IERROR_NOMEM;	1744	sizeof(ep->secret_key)) ?:
1745	goto fail;	1745	crypto_shash_digest(desc, (u8 *)bear_cookie, bodysize,
		1746	digest);
		1747	shash_desc_zero(desc);
		1748
		1749	if (err) {
		1750	*error = -SCTP_IERROR_NOMEM;
		1751	goto fail;
		1752	}
1746	}	1753	}
1747		1754
1748	if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {	1755	if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {


diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 9bb80ec4c08f..4101c5b653d0 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c
@@ -52,6 +52,7 @@
52		52
53	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt	53	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
54		54
		55	#include <crypto/hash.h>
55	#include <linux/types.h>	56	#include <linux/types.h>
56	#include <linux/kernel.h>	57	#include <linux/kernel.h>
57	#include <linux/wait.h>	58	#include <linux/wait.h>
@@ -61,7 +62,6 @@
61	#include <linux/fcntl.h>	62	#include <linux/fcntl.h>
62	#include <linux/poll.h>	63	#include <linux/poll.h>
63	#include <linux/init.h>	64	#include <linux/init.h>
64	#include <linux/crypto.h>
65	#include <linux/slab.h>	65	#include <linux/slab.h>
66	#include <linux/file.h>	66	#include <linux/file.h>
67	#include <linux/compat.h>	67	#include <linux/compat.h>
@@ -4160,7 +4160,7 @@ static void sctp_destruct_sock(struct sock *sk)
4160	struct sctp_sock *sp = sctp_sk(sk);	4160	struct sctp_sock *sp = sctp_sk(sk);
4161		4161
4162	/* Free up the HMAC transform. */	4162	/* Free up the HMAC transform. */
4163	crypto_free_hash(sp->hmac);	4163	crypto_free_shash(sp->hmac);
4164		4164
4165	inet_sock_destruct(sk);	4165	inet_sock_destruct(sk);
4166	}	4166	}
@@ -6299,13 +6299,13 @@ static int sctp_listen_start(struct sock *sk, int backlog)
6299	{	6299	{
6300	struct sctp_sock *sp = sctp_sk(sk);	6300	struct sctp_sock *sp = sctp_sk(sk);
6301	struct sctp_endpoint *ep = sp->ep;	6301	struct sctp_endpoint *ep = sp->ep;
6302	struct crypto_hash *tfm = NULL;	6302	struct crypto_shash *tfm = NULL;
6303	char alg[32];	6303	char alg[32];
6304		6304
6305	/* Allocate HMAC for generating cookie. */	6305	/* Allocate HMAC for generating cookie. */
6306	if (!sp->hmac && sp->sctp_hmac_alg) {	6306	if (!sp->hmac && sp->sctp_hmac_alg) {
6307	sprintf(alg, "hmac(%s)", sp->sctp_hmac_alg);	6307	sprintf(alg, "hmac(%s)", sp->sctp_hmac_alg);
6308	tfm = crypto_alloc_hash(alg, 0, CRYPTO_ALG_ASYNC);	6308	tfm = crypto_alloc_shash(alg, 0, 0);
6309	if (IS_ERR(tfm)) {	6309	if (IS_ERR(tfm)) {
6310	net_info_ratelimited("failed to load transform for %s: %ld\n",	6310	net_info_ratelimited("failed to load transform for %s: %ld\n",
6311	sp->sctp_hmac_alg, PTR_ERR(tfm));	6311	sp->sctp_hmac_alg, PTR_ERR(tfm));