1. 30 Jul, 2019 4 commits
    • Xin Long's avatar
      sctp: clean up __sctp_connect · dd8378b3
      Xin Long authored
      __sctp_connect is doing quit similar things as sctp_sendmsg_new_asoc.
      To factor out common functions, this patch is to clean up their code
      to make them look more similar:
      
        1. create the asoc and add a peer with the 1st addr.
        2. add peers with the other addrs into this asoc one by one.
      
      while at it, also remove the unused 'addrcnt'.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      dd8378b3
    • Xin Long's avatar
      sctp: check addr_size with sa_family_t size in __sctp_setsockopt_connectx · f40f1177
      Xin Long authored
      Now __sctp_connect() is called by __sctp_setsockopt_connectx() and
      sctp_inet_connect(), the latter has done addr_size check with size
      of sa_family_t.
      
      In the next patch to clean up __sctp_connect(), we will remove
      addr_size check with size of sa_family_t from __sctp_connect()
      for the 1st address.
      
      So before doing that, __sctp_setsockopt_connectx() should do
      this check first, as sctp_inet_connect() does.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f40f1177
    • Xin Long's avatar
      sctp: only copy the available addr data in sctp_transport_init · 4c31bc6b
      Xin Long authored
      'addr' passed to sctp_transport_init is not always a whole size
      of union sctp_addr, like the path:
      
        sctp_sendmsg() ->
        sctp_sendmsg_new_asoc() ->
        sctp_assoc_add_peer() ->
        sctp_transport_new() -> sctp_transport_init()
      
      In the next patches, we will also pass the address length of data
      only to sctp_assoc_add_peer().
      
      So sctp_transport_init() should copy the only available data from
      addr to peer->ipaddr, instead of 'peer->ipaddr = *addr' which may
      cause slab-out-of-bounds.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4c31bc6b
    • David Howells's avatar
      rxrpc: Fix -Wframe-larger-than= warnings from on-stack crypto · 1db88c53
      David Howells authored
      rxkad sometimes triggers a warning about oversized stack frames when
      building with clang for a 32-bit architecture:
      
      net/rxrpc/rxkad.c:243:12: error: stack frame size of 1088 bytes in function 'rxkad_secure_packet' [-Werror,-Wframe-larger-than=]
      net/rxrpc/rxkad.c:501:12: error: stack frame size of 1088 bytes in function 'rxkad_verify_packet' [-Werror,-Wframe-larger-than=]
      
      The problem is the combination of SYNC_SKCIPHER_REQUEST_ON_STACK() in
      rxkad_verify_packet()/rxkad_secure_packet() with the relatively large
      scatterlist in rxkad_verify_packet_1()/rxkad_secure_packet_encrypt().
      
      The warning does not show up when using gcc, which does not inline the
      functions as aggressively, but the problem is still the same.
      
      Allocate the cipher buffers from the slab instead, caching the allocated
      packet crypto request memory used for DATA packet crypto in the rxrpc_call
      struct.
      
      Fixes: 17926a79 ("[AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both")
      Reported-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarArnd Bergmann <arnd@arndb.de>
      cc: Herbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1db88c53
  2. 29 Jul, 2019 36 commits