tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

rxrpc: Fix re-decryption of RESPONSE packets

If a RESPONSE packet gets a temporary failure during processing, it may end
up in a partially decrypted state - and then get requeued for a retry.

Fix this by just discarding the packet; we will send another CHALLENGE
packet and thereby elicit a further response. Similarly, discard an
incoming CHALLENGE packet if we get an error whilst generating a RESPONSE;
the server will send another CHALLENGE.

Fixes: 17926a79320a ("[AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both")
Closes: https://sashiko.dev/#/patchset/20260422161438.2593376-4-dhowells@redhat.com
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Jeffrey Altman <jaltman@auristor.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
cc: stable@kernel.org
Link: https://patch.msgid.link/20260423200909.3049438-3-dhowells@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

authored by

David Howells and committed by
Jakub Kicinski 0422e7a4 55b2984c

+2 -13
-1
include/trace/events/rxrpc.h
··· 285 285 EM(rxrpc_conn_put_unidle, "PUT unidle ") \ 286 286 EM(rxrpc_conn_put_work, "PUT work ") \ 287 287 EM(rxrpc_conn_queue_challenge, "QUE chall ") \ 288 - EM(rxrpc_conn_queue_retry_work, "QUE retry-wk") \ 289 288 EM(rxrpc_conn_queue_rx_work, "QUE rx-work ") \ 290 289 EM(rxrpc_conn_see_new_service_conn, "SEE new-svc ") \ 291 290 EM(rxrpc_conn_see_reap_service, "SEE reap-svc") \
+2 -12
net/rxrpc/conn_event.c
··· 389 389 static void rxrpc_do_process_connection(struct rxrpc_connection *conn) 390 390 { 391 391 struct sk_buff *skb; 392 - int ret; 393 392 394 393 if (test_and_clear_bit(RXRPC_CONN_EV_CHALLENGE, &conn->events)) 395 394 rxrpc_secure_connection(conn); ··· 397 398 * connection that each one has when we've finished with it */ 398 399 while ((skb = skb_dequeue(&conn->rx_queue))) { 399 400 rxrpc_see_skb(skb, rxrpc_skb_see_conn_work); 400 - ret = rxrpc_process_event(conn, skb); 401 - switch (ret) { 402 - case -ENOMEM: 403 - case -EAGAIN: 404 - skb_queue_head(&conn->rx_queue, skb); 405 - rxrpc_queue_conn(conn, rxrpc_conn_queue_retry_work); 406 - break; 407 - default: 408 - rxrpc_free_skb(skb, rxrpc_skb_put_conn_work); 409 - break; 410 - } 401 + rxrpc_process_event(conn, skb); 402 + rxrpc_free_skb(skb, rxrpc_skb_put_conn_work); 411 403 } 412 404 } 413 405