Re: [PATCH v2] af_key: Add check for the return value of pfkey_sadb2xfrm_user_sec_ctx()
From: Paolo Abeni
Date: Thu Jul 10 2025 - 05:29:34 EST
On 7/7/25 6:05 PM, Haoxiang Li wrote:
> Add check for the return value of pfkey_sadb2xfrm_user_sec_ctx()
> in pfkey_compile_policy(), and set proper error flag.
>
> Signed-off-by: Haoxiang Li <haoxiang_li2024@xxxxxxx>
> ---
> Changes in v2:
> - Set error flag '*dir' properly.
> - Hi, Steffen! I know that inside pfkey_sadb2xfrm_user_sec_ctx(), null
> value check has been done. This patch does the null value check after
> pfkey_sadb2xfrm_user_sec_ctx() being called in pfkey_compile_policy().
> Also, set proper error flag if pfkey_sadb2xfrm_user_sec_ctx() returns
> null. This patch code is similar to [1]. Thanks, Steffen!
>
> [1]https://github.com/torvalds/linux/blob/master/net/key/af_key.c#L2404
> ---
> net/key/af_key.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/key/af_key.c b/net/key/af_key.c
> index efc2a91f4c48..9cd14a31a427 100644
> --- a/net/key/af_key.c
> +++ b/net/key/af_key.c
> @@ -3335,6 +3335,11 @@ static struct xfrm_policy *pfkey_compile_policy(struct sock *sk, int opt,
> if ((*dir = verify_sec_ctx_len(p)))
> goto out;
> uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx, GFP_ATOMIC);
> + if (!uctx) {
> + *dir = -ENOMEM;
> + goto out;
> + }
> +
> *dir = security_xfrm_policy_alloc(&xp->security, uctx, GFP_ATOMIC);
AFAICS security_xfrm_policy_alloc() handle safely 'uctx' arguments ...
> kfree(uctx);
... and kfree, too.
This patch looks not needed.
/P