github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-02 11:33:28 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

rxrpc: Fix unhandled errors in rxgk_verify_packet_integrity()

Browse Source 
rxgk_verify_packet_integrity() may get more errors than just -EPROTO from
rxgk_verify_mic_skb().  Pretty much anything other than -ENOMEM constitutes
an unrecoverable error.  In the case of -ENOMEM, we can just drop the
packet and wait for a retransmission.

Similar happens with rxgk_decrypt_skb() and its callers.

Fix rxgk_decrypt_skb() or rxgk_verify_mic_skb() to return a greater variety
of abort codes and fix their callers to abort the connection on any error
apart from -ENOMEM.

Also preclear the variables used to hold the abort code returned from
rxgk_decrypt_skb() or rxgk_verify_mic_skb() to eliminate uninitialised
variable warnings.

Fixes: 9d1d2b5934 ("rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI)")
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lists.infradead.org/pipermail/linux-afs/2025-April/009739.html
Closes: https://lists.infradead.org/pipermail/linux-afs/2025-April/009740.html
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://patch.msgid.link/2038804.1757631496@warthog.procyon.org.uk
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
David Howells 2025-09-11 23:58:16 +01:00 committed by Jakub Kicinski
parent 70d99623d5
commit 64863f4ca4
3 changed files with 28 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
net/rxrpc/rxgk.c
View File

@ -475,7 +475,7 @@ static int rxgk_verify_packet_integrity(struct rxrpc_call *call,
struct krb5_buffer metadata; struct krb5_buffer metadata;
unsigned int offset = sp->offset, len = sp->len; unsigned int offset = sp->offset, len = sp->len;
size_t data_offset = 0, data_len = len; size_t data_offset = 0, data_len = len;
u32 ac; u32 ac = 0;
int ret = -ENOMEM; int ret = -ENOMEM;
_enter(""); _enter("");
@ -499,9 +499,10 @@ static int rxgk_verify_packet_integrity(struct rxrpc_call *call,
ret = rxgk_verify_mic_skb(gk->krb5, gk->rx_Kc, &metadata, ret = rxgk_verify_mic_skb(gk->krb5, gk->rx_Kc, &metadata,
skb, &offset, &len, &ac); skb, &offset, &len, &ac);
kfree(hdr); kfree(hdr);
if (ret == -EPROTO) { if (ret < 0) {
rxrpc_abort_eproto(call, skb, ac, if (ret != -ENOMEM)
rxgk_abort_1_verify_mic_eproto); rxrpc_abort_eproto(call, skb, ac,
rxgk_abort_1_verify_mic_eproto);
} else { } else {
sp->offset = offset; sp->offset = offset;
sp->len = len; sp->len = len;
@ -524,15 +525,16 @@ static int rxgk_verify_packet_encrypted(struct rxrpc_call *call,
struct rxgk_header hdr; struct rxgk_header hdr;
unsigned int offset = sp->offset, len = sp->len; unsigned int offset = sp->offset, len = sp->len;
int ret; int ret;
u32 ac; u32 ac = 0;
_enter(""); _enter("");
ret = rxgk_decrypt_skb(gk->krb5, gk->rx_enc, skb, &offset, &len, &ac); ret = rxgk_decrypt_skb(gk->krb5, gk->rx_enc, skb, &offset, &len, &ac);
if (ret == -EPROTO) if (ret < 0) {
rxrpc_abort_eproto(call, skb, ac, rxgk_abort_2_decrypt_eproto); if (ret != -ENOMEM)
if (ret < 0) rxrpc_abort_eproto(call, skb, ac, rxgk_abort_2_decrypt_eproto);
goto error; goto error;
}
if (len < sizeof(hdr)) { if (len < sizeof(hdr)) {
ret = rxrpc_abort_eproto(call, skb, RXGK_PACKETSHORT, ret = rxrpc_abort_eproto(call, skb, RXGK_PACKETSHORT,

10
net/rxrpc/rxgk_app.c
View File

@ -187,7 +187,7 @@ int rxgk_extract_token(struct rxrpc_connection *conn, struct sk_buff *skb,
struct key *server_key; struct key *server_key;
unsigned int ticket_offset, ticket_len; unsigned int ticket_offset, ticket_len;
u32 kvno, enctype; u32 kvno, enctype;
int ret, ec; int ret, ec = 0;
struct { struct {
__be32 kvno; __be32 kvno;
@ -236,9 +236,11 @@ int rxgk_extract_token(struct rxrpc_connection *conn, struct sk_buff *skb,
&ticket_offset, &ticket_len, &ec); &ticket_offset, &ticket_len, &ec);
crypto_free_aead(token_enc); crypto_free_aead(token_enc);
token_enc = NULL; token_enc = NULL;
if (ret < 0) if (ret < 0) {
return rxrpc_abort_conn(conn, skb, ec, ret, if (ret != -ENOMEM)
rxgk_abort_resp_tok_dec); return rxrpc_abort_conn(conn, skb, ec, ret,
rxgk_abort_resp_tok_dec);
}
ret = conn->security->default_decode_ticket(conn, skb, ticket_offset, ret = conn->security->default_decode_ticket(conn, skb, ticket_offset,
ticket_len, _key); ticket_len, _key);

14
net/rxrpc/rxgk_common.h
View File

@ -88,11 +88,16 @@ int rxgk_decrypt_skb(const struct krb5_enctype *krb5,
*_offset += offset; *_offset += offset;
*_len = len; *_len = len;
break; break;
case -EBADMSG: /* Checksum mismatch. */
case -EPROTO: case -EPROTO:
case -EBADMSG:
*_error_code = RXGK_SEALEDINCON; *_error_code = RXGK_SEALEDINCON;
break; break;
case -EMSGSIZE:
*_error_code = RXGK_PACKETSHORT;
break;
case -ENOPKG: /* Would prefer RXGK_BADETYPE, but not available for YFS. */
default: default:
*_error_code = RXGK_INCONSISTENCY;
break; break;
} }
@ -127,11 +132,16 @@ int rxgk_verify_mic_skb(const struct krb5_enctype *krb5,
*_offset += offset; *_offset += offset;
*_len = len; *_len = len;
break; break;
case -EBADMSG: /* Checksum mismatch */
case -EPROTO: case -EPROTO:
case -EBADMSG:
*_error_code = RXGK_SEALEDINCON; *_error_code = RXGK_SEALEDINCON;
break; break;
case -EMSGSIZE:
*_error_code = RXGK_PACKETSHORT;
break;
case -ENOPKG: /* Would prefer RXGK_BADETYPE, but not available for YFS. */
default: default:
*_error_code = RXGK_INCONSISTENCY;
break; break;
} }