tls: allocate the fallback aead after checking that the cipher is valid

No need to allocate the aead if we're going to fail afterwards.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://lore.kernel.org/r/335e32511ed55a0b30f3f81a78fa8f323b3bdf8f.1692977948.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/tls/tls_device_fallback.c b/net/tls/tls_device_fallback.c
index cb224fb..4de9061 100644 (file)
--- a/net/tls/tls_device_fallback.c
+++ b/net/tls/tls_device_fallback.c
@@ -475,15 +475,6 @@ int tls_sw_fallback_init(struct sock *sk,
        const u8 *key;
        int rc;
 
-       offload_ctx->aead_send =
-           crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
-       if (IS_ERR(offload_ctx->aead_send)) {
-               rc = PTR_ERR(offload_ctx->aead_send);
-               pr_err_ratelimited("crypto_alloc_aead failed rc=%d\n", rc);
-               offload_ctx->aead_send = NULL;
-               goto err_out;
-       }
-
        switch (crypto_info->cipher_type) {
        case TLS_CIPHER_AES_GCM_128:
                key = ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->key;
@@ -493,10 +484,19 @@ int tls_sw_fallback_init(struct sock *sk,
                break;
        default:
                rc = -EINVAL;
-               goto free_aead;
+               goto err_out;
        }
        cipher_desc = get_cipher_desc(crypto_info->cipher_type);
 
+       offload_ctx->aead_send =
+           crypto_alloc_aead("gcm(aes)", 0, CRYPTO_ALG_ASYNC);
+       if (IS_ERR(offload_ctx->aead_send)) {
+               rc = PTR_ERR(offload_ctx->aead_send);
+               pr_err_ratelimited("crypto_alloc_aead failed rc=%d\n", rc);
+               offload_ctx->aead_send = NULL;
+               goto err_out;
+       }
+
        rc = crypto_aead_setkey(offload_ctx->aead_send, key, cipher_desc->key);
        if (rc)
                goto free_aead;