From nobody Fri Apr 10 17:53:31 2026 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 574DA3C5540 for ; Wed, 8 Apr 2026 12:14:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775650494; cv=none; b=QzfQcbqQeTCnsYr18f32h2i7k6CWF16ejmwTyruMej8Bt3b/Tz0QlDmyFGorCpF5fIPk2bu71cCyp0BBO5GcIWoejX+i1TmdtW/TElTMHGaXaEXGvwIl1pmi6i645lWdqAJeAmBHS9+l+rpU+4mvnTtR6wFbnUigCOukh4O2flY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775650494; c=relaxed/simple; bh=4bGG+WKlmZnQE5+xJAZsK8+RDV2RYPOrI4xFceiOOTI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uoNf4DFGtADKXSCwQ051wEgycMwMJPBhPt7AnKOORioKB3Kj/oXr9iBObilwJ3A5ro4vLDMK18WHOxyGsbpq+zT0LJOU+0GFeW615rhOKBapYi6INrJUDbAgF8a1bzdKTmtXQnPS/RcF+u0TccEmEfozBQztEbEnAKSwiSLKk9E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=ekIS9CJX; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="ekIS9CJX" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1775650489; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lzGK/ehoWIQ6RR+Dx+R5NC8SLfFD5hvf0fr4eyBqMw0=; b=ekIS9CJXaa1iilslR70CL7DGG734qaOZkplWqKQaOffLpYckhxZo8GXvkPhMxsB6EoT1zq hgPJ39+ZIjKkt/K7mmh7RDZ2zRmtyZEilVBa+9yiW1b4sJ1lkGjVyix+hY2VYNPFQvXozS Ie8ai/wvzseW7nfu1J7pzMz3SL0WnGU= Received: from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-314-M_wJmC8KOPWoZ_pQHs-ILA-1; Wed, 08 Apr 2026 08:14:44 -0400 X-MC-Unique: M_wJmC8KOPWoZ_pQHs-ILA-1 X-Mimecast-MFC-AGG-ID: M_wJmC8KOPWoZ_pQHs-ILA_1775650482 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 64FD81800464; Wed, 8 Apr 2026 12:14:42 +0000 (UTC) Received: from warthog.procyon.org.com (unknown [10.44.32.94]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id C1A1C300019F; Wed, 8 Apr 2026 12:14:38 +0000 (UTC) From: David Howells To: netdev@vger.kernel.org Cc: David Howells , Marc Dionne , Jakub Kicinski , "David S. Miller" , Eric Dumazet , Paolo Abeni , linux-afs@lists.infradead.org, linux-kernel@vger.kernel.org, Jeffrey Altman , Simon Horman , stable@kernel.org Subject: [PATCH net v5 16/21] rxrpc: Fix missing error checks for rxkad encryption/decryption failure Date: Wed, 8 Apr 2026 13:12:44 +0100 Message-ID: <20260408121252.2249051-17-dhowells@redhat.com> In-Reply-To: <20260408121252.2249051-1-dhowells@redhat.com> References: <20260408121252.2249051-1-dhowells@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 Content-Type: text/plain; charset="utf-8" Add error checking for failure of crypto_skcipher_en/decrypt() to various rxkad function as the crypto functions can fail with ENOMEM at least. Fixes: 17926a79320a ("[AF_RXRPC]: Provide secure RxRPC sockets for use by u= serspace and kernel both") Closes: https://sashiko.dev/#/patchset/20260401105614.1696001-10-dhowells@r= edhat.com Signed-off-by: David Howells cc: Marc Dionne cc: Jeffrey Altman cc: Eric Dumazet cc: "David S. Miller" cc: Jakub Kicinski cc: Paolo Abeni cc: Simon Horman cc: linux-afs@lists.infradead.org cc: netdev@vger.kernel.org cc: stable@kernel.org --- net/rxrpc/rxkad.c | 57 +++++++++++++++++++++++++++++++---------------- 1 file changed, 38 insertions(+), 19 deletions(-) diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 0f79d694cb08..eb7f2769d2b1 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -197,6 +197,7 @@ static int rxkad_prime_packet_security(struct rxrpc_con= nection *conn, struct rxrpc_crypt iv; __be32 *tmpbuf; size_t tmpsize =3D 4 * sizeof(__be32); + int ret; =20 _enter(""); =20 @@ -225,13 +226,13 @@ static int rxkad_prime_packet_security(struct rxrpc_c= onnection *conn, skcipher_request_set_sync_tfm(req, ci); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, &sg, &sg, tmpsize, iv.x); - crypto_skcipher_encrypt(req); + ret =3D crypto_skcipher_encrypt(req); skcipher_request_free(req); =20 memcpy(&conn->rxkad.csum_iv, tmpbuf + 2, sizeof(conn->rxkad.csum_iv)); kfree(tmpbuf); - _leave(" =3D 0"); - return 0; + _leave(" =3D %d", ret); + return ret; } =20 /* @@ -264,6 +265,7 @@ static int rxkad_secure_packet_auth(const struct rxrpc_= call *call, struct scatterlist sg; size_t pad; u16 check; + int ret; =20 _enter(""); =20 @@ -286,11 +288,11 @@ static int rxkad_secure_packet_auth(const struct rxrp= c_call *call, skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x); - crypto_skcipher_encrypt(req); + ret =3D crypto_skcipher_encrypt(req); skcipher_request_zero(req); =20 - _leave(" =3D 0"); - return 0; + _leave(" =3D %d", ret); + return ret; } =20 /* @@ -345,7 +347,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,= struct rxrpc_txbuf *txb) union { __be32 buf[2]; } crypto __aligned(8); - u32 x, y; + u32 x, y =3D 0; int ret; =20 _enter("{%d{%x}},{#%u},%u,", @@ -376,8 +378,10 @@ static int rxkad_secure_packet(struct rxrpc_call *call= , struct rxrpc_txbuf *txb) skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x); - crypto_skcipher_encrypt(req); + ret =3D crypto_skcipher_encrypt(req); skcipher_request_zero(req); + if (ret < 0) + goto out; =20 y =3D ntohl(crypto.buf[1]); y =3D (y >> 16) & 0xffff; @@ -413,6 +417,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,= struct rxrpc_txbuf *txb) memset(p + txb->pkt_len, 0, gap); } =20 +out: skcipher_request_free(req); _leave(" =3D %d [set %x]", ret, y); return ret; @@ -453,8 +458,10 @@ static int rxkad_verify_packet_1(struct rxrpc_call *ca= ll, struct sk_buff *skb, skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, sg, sg, 8, iv.x); - crypto_skcipher_decrypt(req); + ret =3D crypto_skcipher_decrypt(req); skcipher_request_zero(req); + if (ret < 0) + return ret; =20 /* Extract the decrypted packet length */ if (skb_copy_bits(skb, sp->offset, &sechdr, sizeof(sechdr)) < 0) @@ -531,10 +538,14 @@ static int rxkad_verify_packet_2(struct rxrpc_call *c= all, struct sk_buff *skb, skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, sg, sg, sp->len, iv.x); - crypto_skcipher_decrypt(req); + ret =3D crypto_skcipher_decrypt(req); skcipher_request_zero(req); if (sg !=3D _sg) kfree(sg); + if (ret < 0) { + WARN_ON_ONCE(ret !=3D -ENOMEM); + return ret; + } =20 /* Extract the decrypted packet length */ if (skb_copy_bits(skb, sp->offset, &sechdr, sizeof(sechdr)) < 0) @@ -602,8 +613,10 @@ static int rxkad_verify_packet(struct rxrpc_call *call= , struct sk_buff *skb) skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x); - crypto_skcipher_encrypt(req); + ret =3D crypto_skcipher_encrypt(req); skcipher_request_zero(req); + if (ret < 0) + goto out; =20 y =3D ntohl(crypto.buf[1]); cksum =3D (y >> 16) & 0xffff; @@ -1077,21 +1090,23 @@ static int rxkad_decrypt_ticket(struct rxrpc_connec= tion *conn, /* * decrypt the response packet */ -static void rxkad_decrypt_response(struct rxrpc_connection *conn, - struct rxkad_response *resp, - const struct rxrpc_crypt *session_key) +static int rxkad_decrypt_response(struct rxrpc_connection *conn, + struct rxkad_response *resp, + const struct rxrpc_crypt *session_key) { struct skcipher_request *req =3D rxkad_ci_req; struct scatterlist sg[1]; struct rxrpc_crypt iv; + int ret; =20 _enter(",,%08x%08x", ntohl(session_key->n[0]), ntohl(session_key->n[1])); =20 mutex_lock(&rxkad_ci_mutex); - if (crypto_sync_skcipher_setkey(rxkad_ci, session_key->x, - sizeof(*session_key)) < 0) - BUG(); + ret =3D crypto_sync_skcipher_setkey(rxkad_ci, session_key->x, + sizeof(*session_key)); + if (ret < 0) + goto unlock; =20 memcpy(&iv, session_key, sizeof(iv)); =20 @@ -1100,12 +1115,14 @@ static void rxkad_decrypt_response(struct rxrpc_con= nection *conn, skcipher_request_set_sync_tfm(req, rxkad_ci); skcipher_request_set_callback(req, 0, NULL, NULL); skcipher_request_set_crypt(req, sg, sg, sizeof(resp->encrypted), iv.x); - crypto_skcipher_decrypt(req); + ret =3D crypto_skcipher_decrypt(req); skcipher_request_zero(req); =20 +unlock: mutex_unlock(&rxkad_ci_mutex); =20 _leave(""); + return ret; } =20 /* @@ -1198,7 +1215,9 @@ static int rxkad_verify_response(struct rxrpc_connect= ion *conn, =20 /* use the session key from inside the ticket to decrypt the * response */ - rxkad_decrypt_response(conn, response, &session_key); + ret =3D rxkad_decrypt_response(conn, response, &session_key); + if (ret < 0) + goto temporary_error_free_ticket; =20 if (ntohl(response->encrypted.epoch) !=3D conn->proto.epoch || ntohl(response->encrypted.cid) !=3D conn->proto.cid ||