Skip to content

Commit 077e05d

Browse files
qsnkuba-moo
qsn
authored and
kuba-moo
committed
tls: use tls_cipher_desc to simplify do_tls_getsockopt_conf
Every cipher uses the same code to update its crypto_info struct based on the values contained in the cctx, with only the struct type and size/offset changing. We can get those from tls_cipher_desc, and use a single pair of memcpy and final copy_to_user. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Link: https://lore.kernel.org/r/c21a904b91e972bdbbf9d1c6d2731ccfa1eedf72.1692977948.git.sd@queasysnail.net Signed-off-by: Jakub Kicinski <kuba@kernel.org>
1 parent 5f309ad commit 077e05d

1 file changed

Lines changed: 11 additions & 163 deletions

File tree

net/tls/tls_main.c

Lines changed: 11 additions & 163 deletions
Original file line numberDiff line numberDiff line change
@@ -435,6 +435,7 @@ static int do_tls_getsockopt_conf(struct sock *sk, char __user *optval,
435435
int __user *optlen, int tx)
436436
{
437437
int rc = 0;
438+
const struct tls_cipher_desc *cipher_desc;
438439
struct tls_context *ctx = tls_get_ctx(sk);
439440
struct tls_crypto_info *crypto_info;
440441
struct cipher_context *cctx;
@@ -473,172 +474,19 @@ static int do_tls_getsockopt_conf(struct sock *sk, char __user *optval,
473474
goto out;
474475
}
475476

476-
switch (crypto_info->cipher_type) {
477-
case TLS_CIPHER_AES_GCM_128: {
478-
struct tls12_crypto_info_aes_gcm_128 *
479-
crypto_info_aes_gcm_128 =
480-
container_of(crypto_info,
481-
struct tls12_crypto_info_aes_gcm_128,
482-
info);
483-
484-
if (len != sizeof(*crypto_info_aes_gcm_128)) {
485-
rc = -EINVAL;
486-
goto out;
487-
}
488-
memcpy(crypto_info_aes_gcm_128->iv,
489-
cctx->iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
490-
TLS_CIPHER_AES_GCM_128_IV_SIZE);
491-
memcpy(crypto_info_aes_gcm_128->rec_seq, cctx->rec_seq,
492-
TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
493-
if (copy_to_user(optval,
494-
crypto_info_aes_gcm_128,
495-
sizeof(*crypto_info_aes_gcm_128)))
496-
rc = -EFAULT;
497-
break;
498-
}
499-
case TLS_CIPHER_AES_GCM_256: {
500-
struct tls12_crypto_info_aes_gcm_256 *
501-
crypto_info_aes_gcm_256 =
502-
container_of(crypto_info,
503-
struct tls12_crypto_info_aes_gcm_256,
504-
info);
505-
506-
if (len != sizeof(*crypto_info_aes_gcm_256)) {
507-
rc = -EINVAL;
508-
goto out;
509-
}
510-
memcpy(crypto_info_aes_gcm_256->iv,
511-
cctx->iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
512-
TLS_CIPHER_AES_GCM_256_IV_SIZE);
513-
memcpy(crypto_info_aes_gcm_256->rec_seq, cctx->rec_seq,
514-
TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
515-
if (copy_to_user(optval,
516-
crypto_info_aes_gcm_256,
517-
sizeof(*crypto_info_aes_gcm_256)))
518-
rc = -EFAULT;
519-
break;
520-
}
521-
case TLS_CIPHER_AES_CCM_128: {
522-
struct tls12_crypto_info_aes_ccm_128 *aes_ccm_128 =
523-
container_of(crypto_info,
524-
struct tls12_crypto_info_aes_ccm_128, info);
525-
526-
if (len != sizeof(*aes_ccm_128)) {
527-
rc = -EINVAL;
528-
goto out;
529-
}
530-
memcpy(aes_ccm_128->iv,
531-
cctx->iv + TLS_CIPHER_AES_CCM_128_SALT_SIZE,
532-
TLS_CIPHER_AES_CCM_128_IV_SIZE);
533-
memcpy(aes_ccm_128->rec_seq, cctx->rec_seq,
534-
TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
535-
if (copy_to_user(optval, aes_ccm_128, sizeof(*aes_ccm_128)))
536-
rc = -EFAULT;
537-
break;
538-
}
539-
case TLS_CIPHER_CHACHA20_POLY1305: {
540-
struct tls12_crypto_info_chacha20_poly1305 *chacha20_poly1305 =
541-
container_of(crypto_info,
542-
struct tls12_crypto_info_chacha20_poly1305,
543-
info);
544-
545-
if (len != sizeof(*chacha20_poly1305)) {
546-
rc = -EINVAL;
547-
goto out;
548-
}
549-
memcpy(chacha20_poly1305->iv,
550-
cctx->iv + TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE,
551-
TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
552-
memcpy(chacha20_poly1305->rec_seq, cctx->rec_seq,
553-
TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
554-
if (copy_to_user(optval, chacha20_poly1305,
555-
sizeof(*chacha20_poly1305)))
556-
rc = -EFAULT;
557-
break;
477+
cipher_desc = get_cipher_desc(crypto_info->cipher_type);
478+
if (!cipher_desc || len != cipher_desc->crypto_info) {
479+
rc = -EINVAL;
480+
goto out;
558481
}
559-
case TLS_CIPHER_SM4_GCM: {
560-
struct tls12_crypto_info_sm4_gcm *sm4_gcm_info =
561-
container_of(crypto_info,
562-
struct tls12_crypto_info_sm4_gcm, info);
563482

564-
if (len != sizeof(*sm4_gcm_info)) {
565-
rc = -EINVAL;
566-
goto out;
567-
}
568-
memcpy(sm4_gcm_info->iv,
569-
cctx->iv + TLS_CIPHER_SM4_GCM_SALT_SIZE,
570-
TLS_CIPHER_SM4_GCM_IV_SIZE);
571-
memcpy(sm4_gcm_info->rec_seq, cctx->rec_seq,
572-
TLS_CIPHER_SM4_GCM_REC_SEQ_SIZE);
573-
if (copy_to_user(optval, sm4_gcm_info, sizeof(*sm4_gcm_info)))
574-
rc = -EFAULT;
575-
break;
576-
}
577-
case TLS_CIPHER_SM4_CCM: {
578-
struct tls12_crypto_info_sm4_ccm *sm4_ccm_info =
579-
container_of(crypto_info,
580-
struct tls12_crypto_info_sm4_ccm, info);
483+
memcpy(crypto_info_iv(crypto_info, cipher_desc),
484+
cctx->iv + cipher_desc->salt, cipher_desc->iv);
485+
memcpy(crypto_info_rec_seq(crypto_info, cipher_desc),
486+
cctx->rec_seq, cipher_desc->rec_seq);
581487

582-
if (len != sizeof(*sm4_ccm_info)) {
583-
rc = -EINVAL;
584-
goto out;
585-
}
586-
memcpy(sm4_ccm_info->iv,
587-
cctx->iv + TLS_CIPHER_SM4_CCM_SALT_SIZE,
588-
TLS_CIPHER_SM4_CCM_IV_SIZE);
589-
memcpy(sm4_ccm_info->rec_seq, cctx->rec_seq,
590-
TLS_CIPHER_SM4_CCM_REC_SEQ_SIZE);
591-
if (copy_to_user(optval, sm4_ccm_info, sizeof(*sm4_ccm_info)))
592-
rc = -EFAULT;
593-
break;
594-
}
595-
case TLS_CIPHER_ARIA_GCM_128: {
596-
struct tls12_crypto_info_aria_gcm_128 *
597-
crypto_info_aria_gcm_128 =
598-
container_of(crypto_info,
599-
struct tls12_crypto_info_aria_gcm_128,
600-
info);
601-
602-
if (len != sizeof(*crypto_info_aria_gcm_128)) {
603-
rc = -EINVAL;
604-
goto out;
605-
}
606-
memcpy(crypto_info_aria_gcm_128->iv,
607-
cctx->iv + TLS_CIPHER_ARIA_GCM_128_SALT_SIZE,
608-
TLS_CIPHER_ARIA_GCM_128_IV_SIZE);
609-
memcpy(crypto_info_aria_gcm_128->rec_seq, cctx->rec_seq,
610-
TLS_CIPHER_ARIA_GCM_128_REC_SEQ_SIZE);
611-
if (copy_to_user(optval,
612-
crypto_info_aria_gcm_128,
613-
sizeof(*crypto_info_aria_gcm_128)))
614-
rc = -EFAULT;
615-
break;
616-
}
617-
case TLS_CIPHER_ARIA_GCM_256: {
618-
struct tls12_crypto_info_aria_gcm_256 *
619-
crypto_info_aria_gcm_256 =
620-
container_of(crypto_info,
621-
struct tls12_crypto_info_aria_gcm_256,
622-
info);
623-
624-
if (len != sizeof(*crypto_info_aria_gcm_256)) {
625-
rc = -EINVAL;
626-
goto out;
627-
}
628-
memcpy(crypto_info_aria_gcm_256->iv,
629-
cctx->iv + TLS_CIPHER_ARIA_GCM_256_SALT_SIZE,
630-
TLS_CIPHER_ARIA_GCM_256_IV_SIZE);
631-
memcpy(crypto_info_aria_gcm_256->rec_seq, cctx->rec_seq,
632-
TLS_CIPHER_ARIA_GCM_256_REC_SEQ_SIZE);
633-
if (copy_to_user(optval,
634-
crypto_info_aria_gcm_256,
635-
sizeof(*crypto_info_aria_gcm_256)))
636-
rc = -EFAULT;
637-
break;
638-
}
639-
default:
640-
rc = -EINVAL;
641-
}
488+
if (copy_to_user(optval, crypto_info, cipher_desc->crypto_info))
489+
rc = -EFAULT;
642490

643491
out:
644492
return rc;

0 commit comments

Comments
 (0)