rxrpc: Merge prime_packet_security into init_connection_security
authorDavid Howells <dhowells@redhat.com>
Wed, 16 Sep 2020 00:38:15 +0000 (01:38 +0100)
committerDavid Howells <dhowells@redhat.com>
Mon, 23 Nov 2020 18:09:30 +0000 (18:09 +0000)
Merge the ->prime_packet_security() into the ->init_connection_security()
hook as they're always called together.

Signed-off-by: David Howells <dhowells@redhat.com>
net/rxrpc/ar-internal.h
net/rxrpc/conn_client.c
net/rxrpc/conn_event.c
net/rxrpc/insecure.c
net/rxrpc/rxkad.c

index 0fb2947..6aaa0f4 100644 (file)
@@ -234,8 +234,6 @@ struct rxrpc_security {
        int (*init_connection_security)(struct rxrpc_connection *,
                                        struct rxrpc_key_token *);
 
-       /* prime a connection's packet security */
-       int (*prime_packet_security)(struct rxrpc_connection *);
 
        /* impose security on a packet */
        int (*secure_packet)(struct rxrpc_call *,
index 7e574c7..dbea0bf 100644 (file)
@@ -180,10 +180,6 @@ rxrpc_alloc_client_connection(struct rxrpc_bundle *bundle, gfp_t gfp)
        if (ret < 0)
                goto error_1;
 
-       ret = conn->security->prime_packet_security(conn);
-       if (ret < 0)
-               goto error_2;
-
        atomic_inc(&rxnet->nr_conns);
        write_lock(&rxnet->conn_lock);
        list_add_tail(&conn->proc_link, &rxnet->conn_proc_list);
@@ -203,8 +199,6 @@ rxrpc_alloc_client_connection(struct rxrpc_bundle *bundle, gfp_t gfp)
        _leave(" = %p", conn);
        return conn;
 
-error_2:
-       conn->security->clear(conn);
 error_1:
        rxrpc_put_client_connection_id(conn);
 error_0:
index 03a482b..aab0697 100644 (file)
@@ -338,10 +338,6 @@ static int rxrpc_process_event(struct rxrpc_connection *conn,
                if (ret < 0)
                        return ret;
 
-               ret = conn->security->prime_packet_security(conn);
-               if (ret < 0)
-                       return ret;
-
                spin_lock(&conn->bundle->channel_lock);
                spin_lock_bh(&conn->state_lock);
 
index cf3ecff..914e2f2 100644 (file)
@@ -14,11 +14,6 @@ static int none_init_connection_security(struct rxrpc_connection *conn,
        return 0;
 }
 
-static int none_prime_packet_security(struct rxrpc_connection *conn)
-{
-       return 0;
-}
-
 static int none_secure_packet(struct rxrpc_call *call,
                              struct sk_buff *skb,
                              size_t data_size,
@@ -87,7 +82,6 @@ const struct rxrpc_security rxrpc_no_security = {
        .init                           = none_init,
        .exit                           = none_exit,
        .init_connection_security       = none_init_connection_security,
-       .prime_packet_security          = none_prime_packet_security,
        .free_call_crypto               = none_free_call_crypto,
        .secure_packet                  = none_secure_packet,
        .verify_packet                  = none_verify_packet,
index 3057f00..3018948 100644 (file)
@@ -38,6 +38,9 @@ struct rxkad_level2_hdr {
        __be32  checksum;       /* decrypted data checksum */
 };
 
+static int rxkad_prime_packet_security(struct rxrpc_connection *conn,
+                                      struct crypto_sync_skcipher *ci);
+
 /*
  * this holds a pinned cipher so that keventd doesn't get called by the cipher
  * alloc routine, but since we have it to hand, we use it to decrypt RESPONSE
@@ -130,8 +133,15 @@ static int rxkad_init_connection_security(struct rxrpc_connection *conn,
                goto error;
        }
 
+       ret = rxkad_prime_packet_security(conn, ci);
+       if (ret < 0)
+               goto error_ci;
+
        conn->cipher = ci;
-       ret = 0;
+       return 0;
+
+error_ci:
+       crypto_free_sync_skcipher(ci);
 error:
        _leave(" = %d", ret);
        return ret;
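Review bot: The `goto error` kept as context at the top of this hunk lands below the new `error_ci:` label, so if `ci` has already been allocated on that path (the allocation is outside the hunk), the cipher is not freed there; it should probably become `goto error_ci;`. Separately, the success path now ends in a bare `return 0;` and skips the `_leave(" = %d", ret)` trace that the error paths still emit. Adding `_leave(" = 0");` before the return would keep the exit tracing consistent. The function starts outside the hunk, so the first point needs checking against the full body.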
@@ -141,7 +151,8 @@ error:
  * prime the encryption state with the invariant parts of a connection's
  * description
  */
-static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
+static int rxkad_prime_packet_security(struct rxrpc_connection *conn,
+                                      struct crypto_sync_skcipher *ci)
 {
        struct skcipher_request *req;
        struct rxrpc_key_token *token;
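Review bot: The header comment above `rxkad_prime_packet_security()` does not explain the new `ci` parameter. The caller in rxkad_init_connection_security() assigns `conn->cipher = ci` only after priming succeeds, so this function must not read `conn->cipher`, and that constraint is worth recording for the next maintainer. I would add a line to the comment such as `The cipher is passed in because conn->cipher is not set until priming has succeeded.` The function body continues outside the hunk.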
@@ -159,7 +170,7 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
        if (!tmpbuf)
                return -ENOMEM;
 
-       req = skcipher_request_alloc(&conn->cipher->base, GFP_NOFS);
+       req = skcipher_request_alloc(&ci->base, GFP_NOFS);
        if (!req) {
                kfree(tmpbuf);
                return -ENOMEM;
@@ -174,7 +185,7 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
        tmpbuf[3] = htonl(conn->security_ix);
 
        sg_init_one(&sg, tmpbuf, tmpsize);
-       skcipher_request_set_sync_tfm(req, conn->cipher);
+       skcipher_request_set_sync_tfm(req, ci);
        skcipher_request_set_callback(req, 0, NULL, NULL);
        skcipher_request_set_crypt(req, &sg, &sg, tmpsize, iv.x);
        crypto_skcipher_encrypt(req);
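Review bot: The return value of `crypto_skcipher_encrypt(req)` on the last line of this hunk is discarded, so a failed encryption is never reported. That matters more now that rxkad_init_connection_security() checks this function's result and has an `error_ci` unwind for it. Capturing the result, e.g. `ret = crypto_skcipher_encrypt(req);`, and returning the error after releasing `req` and `tmpbuf` would stop anything derived from `tmpbuf` being used when the cipher operation did not complete. The function's declarations and tail are outside the hunk, so the placement of the cleanup needs checking against the full body.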
@@ -1350,7 +1361,6 @@ const struct rxrpc_security rxkad = {
        .free_preparse_server_key       = rxkad_free_preparse_server_key,
        .destroy_server_key             = rxkad_destroy_server_key,
        .init_connection_security       = rxkad_init_connection_security,
-       .prime_packet_security          = rxkad_prime_packet_security,
        .secure_packet                  = rxkad_secure_packet,
        .verify_packet                  = rxkad_verify_packet,
        .free_call_crypto               = rxkad_free_call_crypto,