Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp1500492lqo; Sat, 18 May 2024 06:05:02 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVIdLJNyn8CCM4F0f7dZe/U9t8WP/FzIc14mfIdDWN2pK9ekqPzCOcm8YvRwiSE2NSQR5efo2WMW+Hma38NS9BZVOdW3yPbDaEYt7tJ0A== X-Google-Smtp-Source: AGHT+IFQ08dlonv/JjcQDEN1m17VQyuS+s4YacTbuYn1nDUcuEtCAXzeqF8E0ExcsLSHsWWBUc8h X-Received: by 2002:a05:6214:3c9c:b0:6a0:ceaf:c6cd with SMTP id 6a1803df08f44-6a1681d94edmr259987236d6.33.1716037501763; Sat, 18 May 2024 06:05:01 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716037501; cv=pass; d=google.com; s=arc-20160816; b=v8ndPMXHja81ju5VMe+lroNENewqjmHXwOBLeNoOqNOb5r72a5CnKX8cNG1rTXOKen vQ5J9qpSo+LilbIo4PDI8q9SvPkpLgSU0ZxBMhgd04DJpEmSfchUsDjYv3Ww5kecoLev jpMnC1K/DZSs0QHApT5op5+ymT1kW/UdIe29SLgdwbu9fShUKFUKdHnzzRbo+soxToxk 7xYOGEWclulCn+NsKPbZZ70M8EC7iblkxEhLRKSsYpuD+wAO6mSWn92V3xyFZK8/LPNy 8dw4YLFWPoRyagxNgHyFlErDll5Di/JxACiuIoUqo4H/u8muy8ipuFhAP36Qi4xQpeo+ CL0g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=mrZuWAfje+0i8K+OD1/L6Iu+gflYcACm+4AEdS34KKY=; fh=bSSJXhSoRYM22ng7hqOlKMe6VfEn0rAnZq1AS4vv4vs=; b=ZACUrKtHW1hZVr6bcI+FFCATO0BsMcJwLSXLRKJxNbGddclDaWord8+5vndTl+pid9 +xCYqgER3jgzZ3300gqCx6kioF+uJ6T5kCfbhDZH6GVz7z4J6zxADdsvBYg8qr3XQb4F Uz37PUA3q5f/4wI17Z0FSGinmROTjjNL8zRlS0TA9qqw5BT/55jusvW7c0hC9FIKoGzs b7H1ICkL62MAxavEihMqUK8mQqciC89kx7CGzV8QMJwE+ZHo5QpLHRW4CsRNoPDVgMBN OcsO2/4OUVPorQSd8ri4HA8sgWx7Po1DP8XUn72YirCk4YH6Olp9YE+IYCRrUQSV19sH DU/A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b="aA/6Gg9G"; arc=pass (i=1 spf=pass spfdomain=amazon.com dkim=pass dkdomain=amazon.com dmarc=pass fromdomain=amazon.com); spf=pass (google.com: domain of linux-kernel+bounces-182884-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-182884-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id 6a1803df08f44-6a942fb6fa5si1336816d6.490.2024.05.18.06.05.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 18 May 2024 06:05:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-182884-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b="aA/6Gg9G"; arc=pass (i=1 spf=pass spfdomain=amazon.com dkim=pass dkdomain=amazon.com dmarc=pass fromdomain=amazon.com); spf=pass (google.com: domain of linux-kernel+bounces-182884-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-182884-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 713E61C20D37 for ; Sat, 18 May 2024 13:05:01 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 52ADD3B7A8; Sat, 18 May 2024 13:04:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="aA/6Gg9G" Received: from smtp-fw-80006.amazon.com (smtp-fw-80006.amazon.com [99.78.197.217]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 33CF81F5FA; Sat, 18 May 2024 13:04:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.217 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716037492; cv=none; b=GLtPH+FyDM/8/Df3gBrShcp5AubgXY0jK34Kwmi4jlTX/l57hYEg12yiT6qiu1VHL5I2/Q1tb4Y5ya5B8L0x0+poCEa7ZpHqLqz/LQ/X2E/Hyo68K2InBJPkvnjxnoa4KN0CJfnqmx6vqVitZhjFJ3U6cbB5OIiOGOBM0bVNcqY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716037492; c=relaxed/simple; bh=RUjfpWzPBaoGkwn/Pmm4roGPCc8ljs1SzamDFRicGT8=; h=From:To:CC:Subject:Date:Message-ID:MIME-Version:Content-Type; b=kHHpdi39+aUSIZv6JCFuRA1+W4D24iJ3C98oSsvJnxOyWxaAenjGnDIjNO9McnYi8GacwVVmhXpxucoW38B2JUKu32+L4M1RJnpOdam4FB8u/Ksaza7YJqZG5z6m99/eKohaaEWo0dsDy0Hd0e39XBrDt0AsQHob8WuAdo4YWKM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.com; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=aA/6Gg9G; arc=none smtp.client-ip=99.78.197.217 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1716037492; x=1747573492; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=mrZuWAfje+0i8K+OD1/L6Iu+gflYcACm+4AEdS34KKY=; b=aA/6Gg9G8KBIgeZtUE0F0y9soPDOUDuAwctjZML6fzc+eHMALjKIGs1C hvTRahj+gjGsrv1ILDp+dM1CB7IEUhvaDm7odKaFZEowbnk6vndDaBHWb ppX4M4m9N0sBgCUvSSAu1SMBA1bgNi/SPLSNukXH3giTzDcd1L8kM3QU+ s=; X-IronPort-AV: E=Sophos;i="6.08,170,1712620800"; d="scan'208";a="295903782" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.25.36.214]) by smtp-border-fw-80006.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 May 2024 13:04:49 +0000 Received: from EX19MTAEUB002.ant.amazon.com [10.0.17.79:3208] by smtpin.naws.eu-west-1.prod.farcaster.email.amazon.dev [10.0.5.77:2525] with esmtp (Farcaster) id 84f5121c-7057-4153-b2f9-027c2ef572aa; Sat, 18 May 2024 13:04:47 +0000 (UTC) X-Farcaster-Flow-ID: 84f5121c-7057-4153-b2f9-027c2ef572aa Received: from EX19D002EUA004.ant.amazon.com (10.252.50.181) by EX19MTAEUB002.ant.amazon.com (10.252.51.59) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Sat, 18 May 2024 13:04:46 +0000 Received: from EX19MTAUWA001.ant.amazon.com (10.250.64.204) by EX19D002EUA004.ant.amazon.com (10.252.50.181) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Sat, 18 May 2024 13:04:45 +0000 Received: from dev-dsk-hagarhem-1b-b868d8d5.eu-west-1.amazon.com (10.253.65.58) by mail-relay.amazon.com (10.250.64.204) with Microsoft SMTP Server id 15.2.1258.28 via Frontend Transport; Sat, 18 May 2024 13:04:44 +0000 Received: by dev-dsk-hagarhem-1b-b868d8d5.eu-west-1.amazon.com (Postfix, from userid 23002382) id 8F75520AC2; Sat, 18 May 2024 13:04:43 +0000 (UTC) From: Hagar Hemdan To: CC: Norbert Manthey , Hagar Hemdan , Steffen Klassert , Herbert Xu , "David S. Miller" , David Ahern , Eric Dumazet , Jakub Kicinski , Paolo Abeni , "Sabrina Dubroca" , , Subject: [PATCH v2] net: esp: cleanup esp_output_tail_tcp() in case of unsupported ESPINTCP Date: Sat, 18 May 2024 13:04:39 +0000 Message-ID: <20240518130439.20374-1-hagarhem@amazon.com> X-Mailer: git-send-email 2.40.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain xmit() functions should consume skb or return error codes in error paths. When the configuration "CONFIG_INET_ESPINTCP" is not set, the implementation of the function "esp_output_tail_tcp" violates this rule. The function frees the skb and returns the error code. This change removes the kfree_skb from both functions, for both esp4 and esp6. WARN_ON is added because esp_output_tail_tcp() should never be called if CONFIG_INET_ESPINTCP is not set. This bug was discovered and resolved using Coverity Static Analysis Security Testing (SAST) by Synopsys, Inc. Fixes: e27cca96cd68 ("xfrm: add espintcp (RFC 8229)") Signed-off-by: Hagar Hemdan --- net/ipv4/esp4.c | 3 +-- net/ipv6/esp6.c | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index d33d12421814..e73de3abe37c 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -238,8 +238,7 @@ static int esp_output_tail_tcp(struct xfrm_state *x, struct sk_buff *skb) #else static int esp_output_tail_tcp(struct xfrm_state *x, struct sk_buff *skb) { - kfree_skb(skb); - + WARN_ON(1); return -EOPNOTSUPP; } #endif diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index 7371886d4f9f..600402e54ccd 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -255,8 +255,7 @@ static int esp_output_tail_tcp(struct xfrm_state *x, struct sk_buff *skb) #else static int esp_output_tail_tcp(struct xfrm_state *x, struct sk_buff *skb) { - kfree_skb(skb); - + WARN_ON(1); return -EOPNOTSUPP; } #endif -- 2.40.1