From f3e444e31f9fa45ad59cc2d0e0c1bcc86eef4780 Mon Sep 17 00:00:00 2001 From: Sabrina Dubroca Date: Fri, 25 Aug 2023 23:35:22 +0200 Subject: [PATCH] tls: get cipher_name from cipher_desc in tls_set_sw_offload tls_cipher_desc also contains the algorithm name needed by crypto_alloc_aead, use it. Finally, use get_cipher_desc to check if the cipher_type coming from userspace is valid, and remove the cipher_type switch. Signed-off-by: Sabrina Dubroca Link: https://lore.kernel.org/r/53d021d80138aa125a9cef4468aa5ce531975a7b.1692977948.git.sd@queasysnail.net Signed-off-by: Jakub Kicinski --- net/tls/tls_sw.c | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 9c18ddf0d568..1ed4a611631f 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -2591,7 +2591,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) struct cipher_context *cctx; struct crypto_aead **aead; struct crypto_tfm *tfm; - char *iv, *rec_seq, *key, *salt, *cipher_name; + char *iv, *rec_seq, *key, *salt; const struct tls_cipher_desc *cipher_desc; u16 nonce_size; int rc = 0; @@ -2647,33 +2647,12 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) aead = &sw_ctx_rx->aead_recv; } - switch (crypto_info->cipher_type) { - case TLS_CIPHER_AES_GCM_128: - case TLS_CIPHER_AES_GCM_256: - cipher_name = "gcm(aes)"; - break; - case TLS_CIPHER_AES_CCM_128: - cipher_name = "ccm(aes)"; - break; - case TLS_CIPHER_CHACHA20_POLY1305: - cipher_name = "rfc7539(chacha20,poly1305)"; - break; - case TLS_CIPHER_SM4_GCM: - cipher_name = "gcm(sm4)"; - break; - case TLS_CIPHER_SM4_CCM: - cipher_name = "ccm(sm4)"; - break; - case TLS_CIPHER_ARIA_GCM_128: - case TLS_CIPHER_ARIA_GCM_256: - cipher_name = "gcm(aria)"; - break; - default: + cipher_desc = get_cipher_desc(crypto_info->cipher_type); + if (!cipher_desc) { rc = -EINVAL; goto free_priv; } - cipher_desc = get_cipher_desc(crypto_info->cipher_type); nonce_size = cipher_desc->nonce; iv = crypto_info_iv(crypto_info, cipher_desc); @@ -2721,7 +2700,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) } if (!*aead) { - *aead = crypto_alloc_aead(cipher_name, 0, 0); + *aead = crypto_alloc_aead(cipher_desc->cipher_name, 0, 0); if (IS_ERR(*aead)) { rc = PTR_ERR(*aead); *aead = NULL;