From: Dan Carpenter <dan.carpenter@linaro.org>
To: David Howells <dhowells@redhat.com>
Cc: linux-afs@lists.infradead.org, netdev@vger.kernel.org
Subject: [bug report] rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI)
Date: Wed, 16 Apr 2025 14:11:53 +0300 [thread overview]
Message-ID: <Z_-QeaIsAPU0n1eR@stanley.mountain> (raw)
Hello David Howells,
Commit 9d1d2b59341f ("rxrpc: rxgk: Implement the yfs-rxgk security
class (GSSAPI)") from Apr 11, 2025 (linux-next), leads to the
following Smatch static checker warning:
net/rxrpc/rxgk.c:501 rxgk_verify_packet_integrity()
error: uninitialized symbol 'ac'.
net/rxrpc/rxgk.c
467 static int rxgk_verify_packet_integrity(struct rxrpc_call *call,
468 struct rxgk_context *gk,
469 struct sk_buff *skb)
470 {
471 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
472 struct rxgk_header *hdr;
473 struct krb5_buffer metadata;
474 unsigned int offset = sp->offset, len = sp->len;
475 size_t data_offset = 0, data_len = len;
476 u32 ac;
477 int ret = -ENOMEM;
478
479 _enter("");
480
481 crypto_krb5_where_is_the_data(gk->krb5, KRB5_CHECKSUM_MODE,
482 &data_offset, &data_len);
483
484 hdr = kzalloc(sizeof(*hdr), GFP_NOFS);
485 if (!hdr)
486 return -ENOMEM;
487
488 hdr->epoch = htonl(call->conn->proto.epoch);
489 hdr->cid = htonl(call->cid);
490 hdr->call_number = htonl(call->call_id);
491 hdr->seq = htonl(sp->hdr.seq);
492 hdr->sec_index = htonl(call->security_ix);
493 hdr->data_len = htonl(data_len);
494
495 metadata.len = sizeof(*hdr);
496 metadata.data = hdr;
497 ret = rxgk_verify_mic_skb(gk->krb5, gk->rx_Kc, &metadata,
498 skb, &offset, &len, &ac);
499 kfree(hdr);
500 if (ret == -EPROTO) {
--> 501 rxrpc_abort_eproto(call, skb, ac,
This is a false positive in Smatch, but why is only -EPROTO handled and
not other error codes? It could be intentional, but it's hard for me to
be sure because I don't know the code well.
502 rxgk_abort_1_verify_mic_eproto);
503 } else {
504 sp->offset = offset;
505 sp->len = len;
506 }
507
508 rxgk_put(gk);
509 _leave(" = %d", ret);
510 return ret;
511 }
regards,
dan carpenter
next reply other threads:[~2025-04-16 11:11 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-16 11:11 Dan Carpenter [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-04-16 14:12 [bug report] rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI) Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z_-QeaIsAPU0n1eR@stanley.mountain \
--to=dan.carpenter@linaro.org \
--cc=dhowells@redhat.com \
--cc=linux-afs@lists.infradead.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.