netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@linaro.org>
To: Eric Biggers <ebiggers@kernel.org>
Cc: netdev@vger.kernel.org
Subject: [bug report] tcp: Convert tcp-md5 to use MD5 library instead of crypto_ahash
Date: Wed, 22 Oct 2025 13:56:47 +0300	[thread overview]
Message-ID: <aPi4b6aWBbBR52P1@stanley.mountain> (raw)

Hello Eric Biggers,

Commit 37a183d3b7cd ("tcp: Convert tcp-md5 to use MD5 library instead
of crypto_ahash") from Oct 14, 2025 (linux-next), leads to the
following Smatch static checker warning:

	net/ipv4/tcp.c:4911 tcp_inbound_md5_hash()
	error: we previously assumed 'key' could be null (see line 4900)

net/ipv4/tcp.c
  4884  tcp_inbound_md5_hash(const struct sock *sk, const struct sk_buff *skb,
  4885                       const void *saddr, const void *daddr,
  4886                       int family, int l3index, const __u8 *hash_location)
  4887  {
  4888          /* This gets called for each TCP segment that has TCP-MD5 option.
  4889           * We have 3 drop cases:
  4890           * o No MD5 hash and one expected.
  4891           * o MD5 hash and we're not expecting one.
  4892           * o MD5 hash and its wrong.
  4893           */
  4894          const struct tcp_sock *tp = tcp_sk(sk);
  4895          struct tcp_md5sig_key *key;
  4896          u8 newhash[16];
  4897  
  4898          key = tcp_md5_do_lookup(sk, l3index, saddr, family);
  4899  
  4900          if (!key && hash_location) {

If key is NULL and hash_location is zero

  4901                  NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
  4902                  trace_tcp_hash_md5_unexpected(sk, skb);
  4903                  return SKB_DROP_REASON_TCP_MD5UNEXPECTED;
  4904          }
  4905  
  4906          /* Check the signature.
  4907           * To support dual stack listeners, we need to handle
  4908           * IPv4-mapped case.
  4909           */
  4910          if (family == AF_INET)
  4911                  tcp_v4_md5_hash_skb(newhash, key, NULL, skb);
  4912          else
  4913                  tp->af_specific->calc_md5_hash(newhash, key, NULL, skb);

then we are toasted one way or the other.

  4914          if (memcmp(hash_location, newhash, 16) != 0) {
  4915                  NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
  4916                  trace_tcp_hash_md5_mismatch(sk, skb);
  4917                  return SKB_DROP_REASON_TCP_MD5FAILURE;
  4918          }
  4919          return SKB_NOT_DROPPED_YET;
  4920  }

regards,
dan carpenter

             reply	other threads:[~2025-10-22 10:56 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-22 10:56 Dan Carpenter [this message]
2025-10-22 16:43 ` [bug report] tcp: Convert tcp-md5 to use MD5 library instead of crypto_ahash Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aPi4b6aWBbBR52P1@stanley.mountain \
    --to=dan.carpenter@linaro.org \
    --cc=ebiggers@kernel.org \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).