Skip to content

Commit e9c369d

Browse files
dhowellsgregkh
dhowells
authored and
gregkh
committed
rxrpc: Fix missing error checks for rxkad encryption/decryption failure
commit f93af41 upstream. Add error checking for failure of crypto_skcipher_en/decrypt() to various rxkad function as the crypto functions can fail with ENOMEM at least. Fixes: 17926a7 ("[AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both") Closes: https://sashiko.dev/#/patchset/20260401105614.1696001-10-dhowells@redhat.com Signed-off-by: David Howells <dhowells@redhat.com> cc: Marc Dionne <marc.dionne@auristor.com> cc: Jeffrey Altman <jaltman@auristor.com> cc: Simon Horman <horms@kernel.org> cc: linux-afs@lists.infradead.org cc: stable@kernel.org Link: https://patch.msgid.link/20260408121252.2249051-17-dhowells@redhat.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 parent 57cf762 commit e9c369d

1 file changed

Lines changed: 38 additions & 19 deletions

File tree

net/rxrpc/rxkad.c

Lines changed: 38 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -189,6 +189,7 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn,
189189
struct rxrpc_crypt iv;
190190
__be32 *tmpbuf;
191191
size_t tmpsize = 4 * sizeof(__be32);
192+
int ret;
192193

193194
_enter("");
194195

@@ -217,13 +218,13 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn,
217218
skcipher_request_set_sync_tfm(req, ci);
218219
skcipher_request_set_callback(req, 0, NULL, NULL);
219220
skcipher_request_set_crypt(req, &sg, &sg, tmpsize, iv.x);
220-
crypto_skcipher_encrypt(req);
221+
ret = crypto_skcipher_encrypt(req);
221222
skcipher_request_free(req);
222223

223224
memcpy(&conn->rxkad.csum_iv, tmpbuf + 2, sizeof(conn->rxkad.csum_iv));
224225
kfree(tmpbuf);
225-
_leave(" = 0");
226-
return 0;
226+
_leave(" = %d", ret);
227+
return ret;
227228
}
228229

229230
/*
@@ -257,6 +258,7 @@ static int rxkad_secure_packet_auth(const struct rxrpc_call *call,
257258
struct scatterlist sg;
258259
size_t pad;
259260
u16 check;
261+
int ret;
260262

261263
_enter("");
262264

@@ -279,11 +281,11 @@ static int rxkad_secure_packet_auth(const struct rxrpc_call *call,
279281
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
280282
skcipher_request_set_callback(req, 0, NULL, NULL);
281283
skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
282-
crypto_skcipher_encrypt(req);
284+
ret = crypto_skcipher_encrypt(req);
283285
skcipher_request_zero(req);
284286

285-
_leave(" = 0");
286-
return 0;
287+
_leave(" = %d", ret);
288+
return ret;
287289
}
288290

289291
/*
@@ -342,7 +344,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call, struct rxrpc_txbuf *txb)
342344
union {
343345
__be32 buf[2];
344346
} crypto __aligned(8);
345-
u32 x, y;
347+
u32 x, y = 0;
346348
int ret;
347349

348350
_enter("{%d{%x}},{#%u},%u,",
@@ -373,8 +375,10 @@ static int rxkad_secure_packet(struct rxrpc_call *call, struct rxrpc_txbuf *txb)
373375
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
374376
skcipher_request_set_callback(req, 0, NULL, NULL);
375377
skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
376-
crypto_skcipher_encrypt(req);
378+
ret = crypto_skcipher_encrypt(req);
377379
skcipher_request_zero(req);
380+
if (ret < 0)
381+
goto out;
378382

379383
y = ntohl(crypto.buf[1]);
380384
y = (y >> 16) & 0xffff;
@@ -397,6 +401,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call, struct rxrpc_txbuf *txb)
397401
break;
398402
}
399403

404+
out:
400405
skcipher_request_free(req);
401406
_leave(" = %d [set %x]", ret, y);
402407
return ret;
@@ -437,8 +442,10 @@ static int rxkad_verify_packet_1(struct rxrpc_call *call, struct sk_buff *skb,
437442
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
438443
skcipher_request_set_callback(req, 0, NULL, NULL);
439444
skcipher_request_set_crypt(req, sg, sg, 8, iv.x);
440-
crypto_skcipher_decrypt(req);
445+
ret = crypto_skcipher_decrypt(req);
441446
skcipher_request_zero(req);
447+
if (ret < 0)
448+
return ret;
442449

443450
/* Extract the decrypted packet length */
444451
if (skb_copy_bits(skb, sp->offset, &sechdr, sizeof(sechdr)) < 0)
@@ -515,10 +522,14 @@ static int rxkad_verify_packet_2(struct rxrpc_call *call, struct sk_buff *skb,
515522
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
516523
skcipher_request_set_callback(req, 0, NULL, NULL);
517524
skcipher_request_set_crypt(req, sg, sg, sp->len, iv.x);
518-
crypto_skcipher_decrypt(req);
525+
ret = crypto_skcipher_decrypt(req);
519526
skcipher_request_zero(req);
520527
if (sg != _sg)
521528
kfree(sg);
529+
if (ret < 0) {
530+
WARN_ON_ONCE(ret != -ENOMEM);
531+
return ret;
532+
}
522533

523534
/* Extract the decrypted packet length */
524535
if (skb_copy_bits(skb, sp->offset, &sechdr, sizeof(sechdr)) < 0)
@@ -586,8 +597,10 @@ static int rxkad_verify_packet(struct rxrpc_call *call, struct sk_buff *skb)
586597
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
587598
skcipher_request_set_callback(req, 0, NULL, NULL);
588599
skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
589-
crypto_skcipher_encrypt(req);
600+
ret = crypto_skcipher_encrypt(req);
590601
skcipher_request_zero(req);
602+
if (ret < 0)
603+
goto out;
591604

592605
y = ntohl(crypto.buf[1]);
593606
cksum = (y >> 16) & 0xffff;
@@ -989,21 +1002,23 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn,
9891002
/*
9901003
* decrypt the response packet
9911004
*/
992-
static void rxkad_decrypt_response(struct rxrpc_connection *conn,
993-
struct rxkad_response *resp,
994-
const struct rxrpc_crypt *session_key)
1005+
static int rxkad_decrypt_response(struct rxrpc_connection *conn,
1006+
struct rxkad_response *resp,
1007+
const struct rxrpc_crypt *session_key)
9951008
{
9961009
struct skcipher_request *req = rxkad_ci_req;
9971010
struct scatterlist sg[1];
9981011
struct rxrpc_crypt iv;
1012+
int ret;
9991013

10001014
_enter(",,%08x%08x",
10011015
ntohl(session_key->n[0]), ntohl(session_key->n[1]));
10021016

10031017
mutex_lock(&rxkad_ci_mutex);
1004-
if (crypto_sync_skcipher_setkey(rxkad_ci, session_key->x,
1005-
sizeof(*session_key)) < 0)
1006-
BUG();
1018+
ret = crypto_sync_skcipher_setkey(rxkad_ci, session_key->x,
1019+
sizeof(*session_key));
1020+
if (ret < 0)
1021+
goto unlock;
10071022

10081023
memcpy(&iv, session_key, sizeof(iv));
10091024

@@ -1012,12 +1027,14 @@ static void rxkad_decrypt_response(struct rxrpc_connection *conn,
10121027
skcipher_request_set_sync_tfm(req, rxkad_ci);
10131028
skcipher_request_set_callback(req, 0, NULL, NULL);
10141029
skcipher_request_set_crypt(req, sg, sg, sizeof(resp->encrypted), iv.x);
1015-
crypto_skcipher_decrypt(req);
1030+
ret = crypto_skcipher_decrypt(req);
10161031
skcipher_request_zero(req);
10171032

1033+
unlock:
10181034
mutex_unlock(&rxkad_ci_mutex);
10191035

10201036
_leave("");
1037+
return ret;
10211038
}
10221039

10231040
/*
@@ -1110,7 +1127,9 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
11101127

11111128
/* use the session key from inside the ticket to decrypt the
11121129
* response */
1113-
rxkad_decrypt_response(conn, response, &session_key);
1130+
ret = rxkad_decrypt_response(conn, response, &session_key);
1131+
if (ret < 0)
1132+
goto temporary_error_free_ticket;
11141133

11151134
if (ntohl(response->encrypted.epoch) != conn->proto.epoch ||
11161135
ntohl(response->encrypted.cid) != conn->proto.cid ||

0 commit comments

Comments
 (0)