Commit 64863f4c authored by David Howells's avatar David Howells Committed by Jakub Kicinski
Browse files

rxrpc: Fix unhandled errors in rxgk_verify_packet_integrity() 



rxgk_verify_packet_integrity() may get more errors than just -EPROTO from
rxgk_verify_mic_skb().  Pretty much anything other than -ENOMEM constitutes
an unrecoverable error.  In the case of -ENOMEM, we can just drop the
packet and wait for a retransmission.

Similar happens with rxgk_decrypt_skb() and its callers.

Fix rxgk_decrypt_skb() or rxgk_verify_mic_skb() to return a greater variety
of abort codes and fix their callers to abort the connection on any error
apart from -ENOMEM.

Also preclear the variables used to hold the abort code returned from
rxgk_decrypt_skb() or rxgk_verify_mic_skb() to eliminate uninitialised
variable warnings.

Fixes: 9d1d2b59 ("rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI)")
Reported-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
Closes: https://lists.infradead.org/pipermail/linux-afs/2025-April/009739.html
Closes: https://lists.infradead.org/pipermail/linux-afs/2025-April/009740.html


Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org
Reviewed-by: default avatarSimon Horman <horms@kernel.org>
Link: https://patch.msgid.link/2038804.1757631496@warthog.procyon.org.uk


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent 70d99623

net/rxrpc/rxgk.c

+10 −8
Original line number Diff line number Diff line
@@ -475,7 +475,7 @@ static int rxgk_verify_packet_integrity(struct rxrpc_call *call, 
	struct krb5_buffer metadata;

	unsigned int offset = sp->offset, len = sp->len;

	size_t data_offset = 0, data_len = len;

	u32 ac;

	u32 ac = 0;

	int ret = -ENOMEM;



	_enter("");
@@ -499,7 +499,8 @@ static int rxgk_verify_packet_integrity(struct rxrpc_call *call, 
	ret = rxgk_verify_mic_skb(gk->krb5, gk->rx_Kc, &metadata,

				  skb, &offset, &len, &ac);

	kfree(hdr);

	if (ret == -EPROTO) {

	if (ret < 0) {

		if (ret != -ENOMEM)

			rxrpc_abort_eproto(call, skb, ac,

					   rxgk_abort_1_verify_mic_eproto);

	} else {
@@ -524,15 +525,16 @@ static int rxgk_verify_packet_encrypted(struct rxrpc_call *call, 
	struct rxgk_header hdr;

	unsigned int offset = sp->offset, len = sp->len;

	int ret;

	u32 ac;

	u32 ac = 0;



	_enter("");



	ret = rxgk_decrypt_skb(gk->krb5, gk->rx_enc, skb, &offset, &len, &ac);

	if (ret == -EPROTO)

	if (ret < 0) {

		if (ret != -ENOMEM)

			rxrpc_abort_eproto(call, skb, ac, rxgk_abort_2_decrypt_eproto);

	if (ret < 0)

		goto error;

	}



	if (len < sizeof(hdr)) {

		ret = rxrpc_abort_eproto(call, skb, RXGK_PACKETSHORT,

net/rxrpc/rxgk_app.c

+6 −4
Original line number Diff line number Diff line
@@ -187,7 +187,7 @@ int rxgk_extract_token(struct rxrpc_connection *conn, struct sk_buff *skb, 
	struct key *server_key;

	unsigned int ticket_offset, ticket_len;

	u32 kvno, enctype;

	int ret, ec;

	int ret, ec = 0;



	struct {

		__be32 kvno;
@@ -236,9 +236,11 @@ int rxgk_extract_token(struct rxrpc_connection *conn, struct sk_buff *skb, 
			       &ticket_offset, &ticket_len, &ec);

	crypto_free_aead(token_enc);

	token_enc = NULL;

	if (ret < 0)

	if (ret < 0) {

		if (ret != -ENOMEM)

			return rxrpc_abort_conn(conn, skb, ec, ret,

						rxgk_abort_resp_tok_dec);

	}



	ret = conn->security->default_decode_ticket(conn, skb, ticket_offset,

						    ticket_len, _key);

net/rxrpc/rxgk_common.h

+12 −2
Original line number Diff line number Diff line
@@ -88,11 +88,16 @@ int rxgk_decrypt_skb(const struct krb5_enctype *krb5, 
		*_offset += offset;

		*_len = len;

		break;

	case -EBADMSG: /* Checksum mismatch. */

	case -EPROTO:

	case -EBADMSG:

		*_error_code = RXGK_SEALEDINCON;

		break;

	case -EMSGSIZE:

		*_error_code = RXGK_PACKETSHORT;

		break;

	case -ENOPKG: /* Would prefer RXGK_BADETYPE, but not available for YFS. */

	default:

		*_error_code = RXGK_INCONSISTENCY;

		break;

	}
@@ -127,11 +132,16 @@ int rxgk_verify_mic_skb(const struct krb5_enctype *krb5, 
		*_offset += offset;

		*_len = len;

		break;

	case -EBADMSG: /* Checksum mismatch */

	case -EPROTO:

	case -EBADMSG:

		*_error_code = RXGK_SEALEDINCON;

		break;

	case -EMSGSIZE:

		*_error_code = RXGK_PACKETSHORT;

		break;

	case -ENOPKG: /* Would prefer RXGK_BADETYPE, but not available for YFS. */

	default:

		*_error_code = RXGK_INCONSISTENCY;

		break;

	}