From: Dan Carpenter <dan.carpenter@linaro.org>
To: David Howells <dhowells@redhat.com>
Cc: linux-afs@lists.infradead.org, netdev@vger.kernel.org
Subject: [bug report] rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI)
Date: Wed, 16 Apr 2025 14:11:53 +0300 [thread overview]
Message-ID: <Z_-QeaIsAPU0n1eR@stanley.mountain> (raw)
Hello David Howells,
Commit 9d1d2b59341f ("rxrpc: rxgk: Implement the yfs-rxgk security
class (GSSAPI)") from Apr 11, 2025 (linux-next), leads to the
following Smatch static checker warning:
net/rxrpc/rxgk.c:501 rxgk_verify_packet_integrity()
error: uninitialized symbol 'ac'.
net/rxrpc/rxgk.c
467 static int rxgk_verify_packet_integrity(struct rxrpc_call *call,
468 struct rxgk_context *gk,
469 struct sk_buff *skb)
470 {
471 struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
472 struct rxgk_header *hdr;
473 struct krb5_buffer metadata;
474 unsigned int offset = sp->offset, len = sp->len;
475 size_t data_offset = 0, data_len = len;
476 u32 ac;
477 int ret = -ENOMEM;
478
479 _enter("");
480
481 crypto_krb5_where_is_the_data(gk->krb5, KRB5_CHECKSUM_MODE,
482 &data_offset, &data_len);
483
484 hdr = kzalloc(sizeof(*hdr), GFP_NOFS);
485 if (!hdr)
486 return -ENOMEM;
487
488 hdr->epoch = htonl(call->conn->proto.epoch);
489 hdr->cid = htonl(call->cid);
490 hdr->call_number = htonl(call->call_id);
491 hdr->seq = htonl(sp->hdr.seq);
492 hdr->sec_index = htonl(call->security_ix);
493 hdr->data_len = htonl(data_len);
494
495 metadata.len = sizeof(*hdr);
496 metadata.data = hdr;
497 ret = rxgk_verify_mic_skb(gk->krb5, gk->rx_Kc, &metadata,
498 skb, &offset, &len, &ac);
499 kfree(hdr);
500 if (ret == -EPROTO) {
--> 501 rxrpc_abort_eproto(call, skb, ac,
This is a false positive in Smatch, but why is only -EPROTO handled and
not other error codes? It could be intentional, but it's hard for me to
be sure because I don't know the code well.
502 rxgk_abort_1_verify_mic_eproto);
503 } else {
504 sp->offset = offset;
505 sp->len = len;
506 }
507
508 rxgk_put(gk);
509 _leave(" = %d", ret);
510 return ret;
511 }
regards,
dan carpenter
next reply other threads:[~2025-04-16 11:11 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-16 11:11 Dan Carpenter [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-04-16 14:12 [bug report] rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI) Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z_-QeaIsAPU0n1eR@stanley.mountain \
--to=dan.carpenter@linaro.org \
--cc=dhowells@redhat.com \
--cc=linux-afs@lists.infradead.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).