rxrpc: Fix re-decryption of RESPONSE packets

If a RESPONSE packet gets a temporary failure during processing, it may end
up in a partially decrypted state - and then get requeued for a retry.

Fix this by just discarding the packet; we will send another CHALLENGE
packet and thereby elicit a further response.  Similarly, discard an
incoming CHALLENGE packet if we get an error whilst generating a RESPONSE;
the server will send another CHALLENGE.

Fixes: 17926a79320a ("[AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both")
Closes: https://sashiko.dev/#/patchset/20260422161438.2593376-4-dhowells@redhat.com
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Jeffrey Altman <jaltman@auristor.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
cc: stable@kernel.org
Link: https://patch.msgid.link/20260423200909.3049438-3-dhowells@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/include/trace/events/rxrpc.h b/include/trace/events/rxrpc.h
index 13b9d017f8e177239c47e2ba425f8dcdafd48a2b..573f2df3a2c998f3f0a21cd3d1dec9d6b09fa919 100644 (file)
--- a/include/trace/events/rxrpc.h
+++ b/include/trace/events/rxrpc.h
@@ -285,7 +285,6 @@
        EM(rxrpc_conn_put_unidle,               "PUT unidle  ") \
        EM(rxrpc_conn_put_work,                 "PUT work    ") \
        EM(rxrpc_conn_queue_challenge,          "QUE chall   ") \
-       EM(rxrpc_conn_queue_retry_work,         "QUE retry-wk") \
        EM(rxrpc_conn_queue_rx_work,            "QUE rx-work ") \
        EM(rxrpc_conn_see_new_service_conn,     "SEE new-svc ") \
        EM(rxrpc_conn_see_reap_service,         "SEE reap-svc") \

diff --git a/net/rxrpc/conn_event.c b/net/rxrpc/conn_event.c
index aee977291d90bd977a22c957f98897ef7c26e789..a2130d25aaa9b73a77f7d6ef28f2b2956189decc 100644 (file)
--- a/net/rxrpc/conn_event.c
+++ b/net/rxrpc/conn_event.c
@@ -389,7 +389,6 @@ again:
 static void rxrpc_do_process_connection(struct rxrpc_connection *conn)
 {
        struct sk_buff *skb;
-       int ret;
 
        if (test_and_clear_bit(RXRPC_CONN_EV_CHALLENGE, &conn->events))
                rxrpc_secure_connection(conn);
@@ -398,17 +397,8 @@ static void rxrpc_do_process_connection(struct rxrpc_connection *conn)
         * connection that each one has when we've finished with it */
        while ((skb = skb_dequeue(&conn->rx_queue))) {
                rxrpc_see_skb(skb, rxrpc_skb_see_conn_work);
-               ret = rxrpc_process_event(conn, skb);
-               switch (ret) {
-               case -ENOMEM:
-               case -EAGAIN:
-                       skb_queue_head(&conn->rx_queue, skb);
-                       rxrpc_queue_conn(conn, rxrpc_conn_queue_retry_work);
-                       break;
-               default:
-                       rxrpc_free_skb(skb, rxrpc_skb_put_conn_work);
-                       break;
-               }
+               rxrpc_process_event(conn, skb);
+               rxrpc_free_skb(skb, rxrpc_skb_put_conn_work);
        }
 }