Commit c3b64911 authored by Jakub Kicinski's avatar Jakub Kicinski Committed by David S. Miller
Browse files

nfp: tls: don't leave key material in freed FW cmsg skbs 



Make sure the contents of the skb which carried key material
to the FW is cleared.

Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: default avatarDirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent b5d9a834

drivers/net/ethernet/netronome/nfp/crypto/tls.c

+15 −1
Original line number Diff line number Diff line
@@ -4,6 +4,7 @@ 
#include <linux/bitfield.h>

#include <linux/ipv6.h>

#include <linux/skbuff.h>

#include <linux/string.h>

#include <net/tls.h>



#include "../ccm.h"
@@ -340,8 +341,22 @@ nfp_net_tls_add(struct net_device *netdev, struct sock *sk, 
	memcpy(&back->salt, tls_ci->salt, TLS_CIPHER_AES_GCM_128_SALT_SIZE);

	memcpy(back->rec_no, tls_ci->rec_seq, sizeof(tls_ci->rec_seq));



	/* Get an extra ref on the skb so we can wipe the key after */

	skb_get(skb);



	err = nfp_ccm_mbox_communicate(nn, skb, NFP_CCM_TYPE_CRYPTO_ADD,

				       sizeof(*reply), sizeof(*reply));

	reply = (void *)skb->data;



	/* We depend on CCM MBOX code not reallocating skb we sent

	 * so we can clear the key material out of the memory.

	 */

	if (!WARN_ON_ONCE((u8 *)back < skb->head ||

			  (u8 *)back > skb_end_pointer(skb)) &&

	    !WARN_ON_ONCE((u8 *)&reply[1] > (u8 *)back))

		memzero_explicit(back, sizeof(*back));

	dev_consume_skb_any(skb); /* the extra ref from skb_get() above */



	if (err) {

		nn_dp_warn(&nn->dp, "failed to add TLS: %d (%d)\n",

			   err, direction == TLS_OFFLOAD_CTX_DIR_TX);
@@ -349,7 +364,6 @@ nfp_net_tls_add(struct net_device *netdev, struct sock *sk, 
		goto err_conn_remove;

	}



	reply = (void *)skb->data;

	err = -be32_to_cpu(reply->error);

	if (err) {

		if (err == -ENOSPC) {

CRA Git | Maintained and supported by SUSTech CRA and CCSE