[v5,4/5] net/tcp: Do cleanup on tcp_md5_key_copy() failure

Message ID	20221122185534.308643-5-dima@arista.com (mailing list archive)
State	Superseded
Delegated to:	Netdev Maintainers
Headers	show Return-Path: <netdev-owner@kernel.org> From: Dmitry Safonov <dima@arista.com> To: linux-kernel@vger.kernel.org, David Ahern <dsahern@kernel.org>, Eric Dumazet <edumazet@google.com>, Peter Zijlstra <peterz@infradead.org> Cc: Dmitry Safonov <dima@arista.com>, Ard Biesheuvel <ardb@kernel.org>, Bob Gilligan <gilligan@arista.com>, "David S. Miller" <davem@davemloft.net>, Dmitry Safonov <0x7f454c46@gmail.com>, Francesco Ruggeri <fruggeri@arista.com>, Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>, Jakub Kicinski <kuba@kernel.org>, Jason Baron <jbaron@akamai.com>, Josh Poimboeuf <jpoimboe@kernel.org>, Paolo Abeni <pabeni@redhat.com>, Salam Noureddine <noureddine@arista.com>, Steven Rostedt <rostedt@goodmis.org>, netdev@vger.kernel.org Subject: [PATCH v5 4/5] net/tcp: Do cleanup on tcp_md5_key_copy() failure Date: Tue, 22 Nov 2022 18:55:33 +0000 Message-Id: <20221122185534.308643-5-dima@arista.com> In-Reply-To: <20221122185534.308643-1-dima@arista.com> References: <20221122185534.308643-1-dima@arista.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	net/tcp: Dynamically disable TCP-MD5 static key \| expand [v5,0/5] net/tcp: Dynamically disable TCP-MD5 static key [v5,1/5] jump_label: Prevent key->enabled int overflow [v5,2/5] net/tcp: Separate tcp_md5sig_info allocation into tcp_md5sig_info_add() [v5,3/5] net/tcp: Disable TCP-MD5 static key on tcp_md5sig_info destruction [v5,4/5] net/tcp: Do cleanup on tcp_md5_key_copy() failure [v5,5/5] net/tcp: Separate initialization of twsk

Message ID

20221122185534.308643-5-dima@arista.com (mailing list archive)

State

Superseded

Delegated to:

Netdev Maintainers

Headers

From: Dmitry Safonov <dima@arista.com>
To: linux-kernel@vger.kernel.org, David Ahern <dsahern@kernel.org>,
        Eric Dumazet <edumazet@google.com>,
        Peter Zijlstra <peterz@infradead.org>
Cc: Dmitry Safonov <dima@arista.com>, Ard Biesheuvel <ardb@kernel.org>,
        Bob Gilligan <gilligan@arista.com>,
        "David S. Miller" <davem@davemloft.net>,
        Dmitry Safonov <0x7f454c46@gmail.com>,
        Francesco Ruggeri <fruggeri@arista.com>,
        Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
        Jakub Kicinski <kuba@kernel.org>,
        Jason Baron <jbaron@akamai.com>,
        Josh Poimboeuf <jpoimboe@kernel.org>,
        Paolo Abeni <pabeni@redhat.com>,
        Salam Noureddine <noureddine@arista.com>,
        Steven Rostedt <rostedt@goodmis.org>, netdev@vger.kernel.org
Subject: [PATCH v5 4/5] net/tcp: Do cleanup on tcp_md5_key_copy() failure
Date: Tue, 22 Nov 2022 18:55:33 +0000
Message-Id: <20221122185534.308643-5-dima@arista.com>
In-Reply-To: <20221122185534.308643-1-dima@arista.com>
References: <20221122185534.308643-1-dima@arista.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

net/tcp: Dynamically disable TCP-MD5 static key | expand

Context	Check	Description
netdev/tree_selection	success	Guessing tree name failed - patch did not apply, async

Context

Check

Description

netdev/tree_selection

success

Guessing tree name failed - patch did not apply, async

Commit Message

Dmitry Safonov Nov. 22, 2022, 6:55 p.m. UTC

If the kernel was short on (atomic) memory and failed to allocate it -
don't proceed to creation of request socket. Otherwise the socket would
be unsigned and userspace likely doesn't expect that the TCP is not
MD5-signed anymore.

Signed-off-by: Dmitry Safonov <dima@arista.com>
Acked-by: Jakub Kicinski <kuba@kernel.org>
---
 net/ipv4/tcp_ipv4.c |  9 ++-------
 net/ipv6/tcp_ipv6.c | 15 ++++++++-------
 2 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 776fbc2451bc..6ddfa8e45d03 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1630,13 +1630,8 @@  struct sock *tcp_v4_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
 	addr = (union tcp_md5_addr *)&newinet->inet_daddr;
 	key = tcp_md5_do_lookup(sk, l3index, addr, AF_INET);
 	if (key) {
-		/*
-		 * We're using one, so create a matching key
-		 * on the newsk structure. If we fail to get
-		 * memory, then we end up not copying the key
-		 * across. Shucks.
-		 */
-		tcp_md5_key_copy(newsk, addr, AF_INET, 32, l3index, key);
+		if (tcp_md5_key_copy(newsk, addr, AF_INET, 32, l3index, key))
+			goto put_and_exit;
 		sk_gso_disable(newsk);
 	}
 #endif
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 83304d6a6bd0..21486b4a9774 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -1376,13 +1376,14 @@  static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *
 	/* Copy over the MD5 key from the original socket */
 	key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr, l3index);
 	if (key) {
-		/* We're using one, so create a matching key
-		 * on the newsk structure. If we fail to get
-		 * memory, then we end up not copying the key
-		 * across. Shucks.
-		 */
-		tcp_md5_key_copy(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
-				 AF_INET6, 128, l3index, key);
+		const union tcp_md5_addr *addr;
+
+		addr = (union tcp_md5_addr *)&newsk->sk_v6_daddr;
+		if (tcp_md5_key_copy(newsk, addr, AF_INET6, 128, l3index, key)) {
+			inet_csk_prepare_forced_close(newsk);
+			tcp_done(newsk);
+			goto out;
+		}
 	}
 #endif

[v5,4/5] net/tcp: Do cleanup on tcp_md5_key_copy() failure

Checks

Commit Message

Patch