| Message ID | 30ec3274c323de7c3a9b013b9bfb6c3418465d30.1653336079.git.mkubecek@suse.cz (mailing list archive) |
|---|---|
| State | Awaiting Upstream |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [ipsec,v2] Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process" | expand |
On Mon, May 23, 2022 at 10:05:24PM +0200, Michal Kubecek wrote: > This reverts commit 4dc2a5a8f6754492180741facf2a8787f2c415d7. > > A non-zero return value from pfkey_broadcast() does not necessarily mean > an error occurred as this function returns -ESRCH when no registered > listener received the message. In particular, a call with > BROADCAST_PROMISC_ONLY flag and null one_sk argument can never return > zero so that this commit in fact prevents processing any PF_KEY message. > One visible effect is that racoon daemon fails to find encryption > algorithms like aes and refuses to start. > > Excluding -ESRCH return value would fix this but it's not obvious that > we really want to bail out here and most other callers of > pfkey_broadcast() also ignore the return value. Also, as pointed out by > Steffen Klassert, PF_KEY is kind of deprecated and newer userspace code > should use netlink instead so that we should only disturb the code for > really important fixes. > > v2: add a comment explaining why is the return value ignored > > Signed-off-by: Michal Kubecek <mkubecek@suse.cz> Applied, thanks Michal!
diff --git a/net/key/af_key.c b/net/key/af_key.c index 339d95df19d3..d93bde657359 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -2826,10 +2826,12 @@ static int pfkey_process(struct sock *sk, struct sk_buff *skb, const struct sadb void *ext_hdrs[SADB_EXT_MAX]; int err; - err = pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, - BROADCAST_PROMISC_ONLY, NULL, sock_net(sk)); - if (err) - return err; + /* Non-zero return value of pfkey_broadcast() does not always signal + * an error and even on an actual error we may still want to process + * the message so rather ignore the return value. + */ + pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL, + BROADCAST_PROMISC_ONLY, NULL, sock_net(sk)); memset(ext_hdrs, 0, sizeof(ext_hdrs)); err = parse_exthdrs(skb, hdr, ext_hdrs);
This reverts commit 4dc2a5a8f6754492180741facf2a8787f2c415d7. A non-zero return value from pfkey_broadcast() does not necessarily mean an error occurred as this function returns -ESRCH when no registered listener received the message. In particular, a call with BROADCAST_PROMISC_ONLY flag and null one_sk argument can never return zero so that this commit in fact prevents processing any PF_KEY message. One visible effect is that racoon daemon fails to find encryption algorithms like aes and refuses to start. Excluding -ESRCH return value would fix this but it's not obvious that we really want to bail out here and most other callers of pfkey_broadcast() also ignore the return value. Also, as pointed out by Steffen Klassert, PF_KEY is kind of deprecated and newer userspace code should use netlink instead so that we should only disturb the code for really important fixes. v2: add a comment explaining why is the return value ignored Signed-off-by: Michal Kubecek <mkubecek@suse.cz> --- net/key/af_key.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)