Re: [PATCH RFC net-next] net/tls: Implement getsockopt SOL_TLS TLS_RX

Fri, 28 Aug 2020 09:52:41 -0700 

On Tue, 18 Aug 2020 14:12:24 +0000 Yutaro Hayakawa wrote:

> @@ -352,7 +352,11 @@ static int do_tls_getsockopt_tx(struct sock *sk, char 
> __user *optval,
>       }
>  
>       /* get user crypto info */
> -     crypto_info = &ctx->crypto_send.info;
> +     if (tx) {
> +             crypto_info = &ctx->crypto_send.info;
> +     } else {
> +             crypto_info = &ctx->crypto_recv.info;
> +     }

No need for parenthesis, if both branches have one line.

>  
>       if (!TLS_CRYPTO_INFO_READY(crypto_info)) {
>               rc = -EBUSY;
> @@ -378,11 +382,19 @@ static int do_tls_getsockopt_tx(struct sock *sk, char 
> __user *optval,
>                       goto out;
>               }
>               lock_sock(sk);
> -             memcpy(crypto_info_aes_gcm_128->iv,
> -                    ctx->tx.iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
> -                    TLS_CIPHER_AES_GCM_128_IV_SIZE);
> -             memcpy(crypto_info_aes_gcm_128->rec_seq, ctx->tx.rec_seq,
> -                    TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
> +             if (tx) {
> +                     memcpy(crypto_info_aes_gcm_128->iv,
> +                            ctx->tx.iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
> +                            TLS_CIPHER_AES_GCM_128_IV_SIZE);
> +                     memcpy(crypto_info_aes_gcm_128->rec_seq, 
> ctx->tx.rec_seq,
> +                            TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
> +             } else {
> +                     memcpy(crypto_info_aes_gcm_128->iv,
> +                            ctx->rx.iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE,
> +                            TLS_CIPHER_AES_GCM_128_IV_SIZE);
> +                     memcpy(crypto_info_aes_gcm_128->rec_seq, 
> ctx->rx.rec_seq,
> +                            TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
> +             }

Instead of all the duplication choose the right struct cipher_context
above, like we do for crypto_info.

>               release_sock(sk);
>               if (copy_to_user(optval,
>                                crypto_info_aes_gcm_128,
> @@ -402,11 +414,19 @@ static int do_tls_getsockopt_tx(struct sock *sk, char 
> __user *optval,
>                       goto out;
>               }
>               lock_sock(sk);
> -             memcpy(crypto_info_aes_gcm_256->iv,
> -                    ctx->tx.iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
> -                    TLS_CIPHER_AES_GCM_256_IV_SIZE);
> -             memcpy(crypto_info_aes_gcm_256->rec_seq, ctx->tx.rec_seq,
> -                    TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
> +             if (tx) {
> +                     memcpy(crypto_info_aes_gcm_256->iv,
> +                            ctx->tx.iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
> +                            TLS_CIPHER_AES_GCM_256_IV_SIZE);
> +                     memcpy(crypto_info_aes_gcm_256->rec_seq, 
> ctx->tx.rec_seq,
> +                            TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
> +             } else {
> +                     memcpy(crypto_info_aes_gcm_256->iv,
> +                            ctx->rx.iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE,
> +                            TLS_CIPHER_AES_GCM_256_IV_SIZE);
> +                     memcpy(crypto_info_aes_gcm_256->rec_seq, 
> ctx->rx.rec_seq,
> +                            TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
> +             }

ditto.

>               release_sock(sk);
>               if (copy_to_user(optval,
>                                crypto_info_aes_gcm_256,

Reply via email to