[PATCH AUTOSEL 4.14 19/25] Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Michal Kubecek <mkubecek@suse.cz>,
	Steffen Klassert <steffen.klassert@secunet.com>,
	Sasha Levin <sashal@kernel.org>,
	davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
	pabeni@redhat.com, netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 4.14 19/25] Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
Date: Tue,  7 Jun 2022 14:02:20 -0400	[thread overview]
Message-ID: <20220607180229.482040-19-sashal@kernel.org> (raw)
In-Reply-To: <20220607180229.482040-1-sashal@kernel.org>

From: Michal Kubecek <mkubecek@suse.cz>

[ Upstream commit 9c90c9b3e50e16d03c7f87d63e9db373974781e0 ]

This reverts commit 4dc2a5a8f6754492180741facf2a8787f2c415d7.

A non-zero return value from pfkey_broadcast() does not necessarily mean
an error occurred as this function returns -ESRCH when no registered
listener received the message. In particular, a call with
BROADCAST_PROMISC_ONLY flag and null one_sk argument can never return
zero so that this commit in fact prevents processing any PF_KEY message.
One visible effect is that racoon daemon fails to find encryption
algorithms like aes and refuses to start.

Excluding -ESRCH return value would fix this but it's not obvious that
we really want to bail out here and most other callers of
pfkey_broadcast() also ignore the return value. Also, as pointed out by
Steffen Klassert, PF_KEY is kind of deprecated and newer userspace code
should use netlink instead so that we should only disturb the code for
really important fixes.

v2: add a comment explaining why is the return value ignored

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/key/af_key.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/net/key/af_key.c b/net/key/af_key.c
index 990de0702b79..035123bf7259 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -2834,10 +2834,12 @@ static int pfkey_process(struct sock *sk, struct sk_buff *skb, const struct sadb
 	void *ext_hdrs[SADB_EXT_MAX];
 	int err;

-	err = pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL,
-			      BROADCAST_PROMISC_ONLY, NULL, sock_net(sk));
-	if (err)
-		return err;
+	/* Non-zero return value of pfkey_broadcast() does not always signal
+	 * an error and even on an actual error we may still want to process
+	 * the message so rather ignore the return value.
+	 */
+	pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL,
+			BROADCAST_PROMISC_ONLY, NULL, sock_net(sk));

 	memset(ext_hdrs, 0, sizeof(ext_hdrs));
 	err = parse_exthdrs(skb, hdr, ext_hdrs);
-- 
2.35.1

next prev parent reply	other threads:[~2022-06-07 18:53 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-07 18:02 [PATCH AUTOSEL 4.14 01/25] iio: dummy: iio_simple_dummy: check the return value of kstrdup() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 02/25] lkdtm/usercopy: Expand size of "out of frame" object Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 03/25] tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 04/25] tty: Fix a possible resource leak in icom_probe Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 05/25] drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 06/25] USB: host: isp116x: check return value after calling platform_get_resource() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 07/25] drivers: tty: serial: Fix deadlock in sa1100_set_termios() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 08/25] drivers: usb: host: Fix deadlock in oxu_bus_suspend() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 09/25] USB: hcd-pci: Fully suspend across freeze/thaw cycle Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 10/25] usb: dwc2: gadget: don't reset gadget's driver->bus Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 11/25] misc: rtsx: set NULL intfdata when probe fails Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 12/25] extcon: Modify extcon device to be created after driver data is set Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 13/25] clocksource/drivers/sp804: Avoid error on multiple instances Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 14/25] staging: rtl8712: fix uninit-value in r871xu_drv_init() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 15/25] serial: msm_serial: disable interrupts in __msm_console_write() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 16/25] kernfs: Separate kernfs_pr_cont_buf and rename_lock Sasha Levin
2022-06-07 18:02 ` [dm-devel] [PATCH AUTOSEL 4.14 17/25] md: don't unregister sync_thread with reconfig_mutex held Sasha Levin
2022-06-07 18:02   ` Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 18/25] md: protect md_unregister_thread from reentrancy Sasha Levin
2022-06-07 18:02 ` Sasha Levin [this message]
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 20/25] drm/radeon: fix a possible null pointer dereference Sasha Levin
2022-06-07 18:02   ` Sasha Levin
2022-06-07 18:02   ` Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 21/25] modpost: fix undefined behavior of is_arm_mapping_symbol() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 22/25] nbd: call genl_unregister_family() first in nbd_cleanup() Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 23/25] nbd: fix race between nbd_alloc_config() and module removal Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 24/25] nbd: fix io hung while disconnecting device Sasha Levin
2022-06-07 18:02 ` [PATCH AUTOSEL 4.14 25/25] nodemask: Fix return values to be unsigned Sasha Levin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:990de0702b7 dfblob:035123bf725 )
 OR (
bs:"[PATCH AUTOSEL 4.14 19/25] Revert "
bs:"net: af_key: add check for pfkey_broadcast in function pfkey_process" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220607180229.482040-19-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=kuba@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mkubecek@suse.cz \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=stable@vger.kernel.org \
    --cc=steffen.klassert@secunet.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.