fs/smb/client/cifsglob.h | 2 -- fs/smb/client/smb2ops.c | 4 ---- fs/smb/client/smb2proto.h | 6 ------ fs/smb/client/smb2transport.c | 18 +++++++++--------- 4 files changed, 9 insertions(+), 21 deletions(-)
As the SMB1 and SMB2/3 calc_signature functions are called from separate
sign and verify paths, just call them directly rather than using a function
pointer. The SMB3 calc_signature then jumps to the SMB2 variant if
necessary.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steve French <sfrench@samba.org>
cc: Paulo Alcantara <pc@manguebit.org>
cc: linux-cifs@vger.kernel.org
cc: linux-fsdevel@vger.kernel.org
---
fs/smb/client/cifsglob.h | 2 --
fs/smb/client/smb2ops.c | 4 ----
fs/smb/client/smb2proto.h | 6 ------
fs/smb/client/smb2transport.c | 18 +++++++++---------
4 files changed, 9 insertions(+), 21 deletions(-)
diff --git a/fs/smb/client/cifsglob.h b/fs/smb/client/cifsglob.h
index b91397dbb6aa..7297f0f01cb3 100644
--- a/fs/smb/client/cifsglob.h
+++ b/fs/smb/client/cifsglob.h
@@ -536,8 +536,6 @@ struct smb_version_operations {
void (*new_lease_key)(struct cifs_fid *);
int (*generate_signingkey)(struct cifs_ses *ses,
struct TCP_Server_Info *server);
- int (*calc_signature)(struct smb_rqst *, struct TCP_Server_Info *,
- bool allocate_crypto);
int (*set_integrity)(const unsigned int, struct cifs_tcon *tcon,
struct cifsFileInfo *src_file);
int (*enum_snapshots)(const unsigned int xid, struct cifs_tcon *tcon,
diff --git a/fs/smb/client/smb2ops.c b/fs/smb/client/smb2ops.c
index 7c392cf5940b..66eee3440df6 100644
--- a/fs/smb/client/smb2ops.c
+++ b/fs/smb/client/smb2ops.c
@@ -5446,7 +5446,6 @@ struct smb_version_operations smb20_operations = {
.get_lease_key = smb2_get_lease_key,
.set_lease_key = smb2_set_lease_key,
.new_lease_key = smb2_new_lease_key,
- .calc_signature = smb2_calc_signature,
.is_read_op = smb2_is_read_op,
.set_oplock_level = smb2_set_oplock_level,
.create_lease_buf = smb2_create_lease_buf,
@@ -5550,7 +5549,6 @@ struct smb_version_operations smb21_operations = {
.get_lease_key = smb2_get_lease_key,
.set_lease_key = smb2_set_lease_key,
.new_lease_key = smb2_new_lease_key,
- .calc_signature = smb2_calc_signature,
.is_read_op = smb21_is_read_op,
.set_oplock_level = smb21_set_oplock_level,
.create_lease_buf = smb2_create_lease_buf,
@@ -5660,7 +5658,6 @@ struct smb_version_operations smb30_operations = {
.set_lease_key = smb2_set_lease_key,
.new_lease_key = smb2_new_lease_key,
.generate_signingkey = generate_smb30signingkey,
- .calc_signature = smb3_calc_signature,
.set_integrity = smb3_set_integrity,
.is_read_op = smb21_is_read_op,
.set_oplock_level = smb3_set_oplock_level,
@@ -5777,7 +5774,6 @@ struct smb_version_operations smb311_operations = {
.set_lease_key = smb2_set_lease_key,
.new_lease_key = smb2_new_lease_key,
.generate_signingkey = generate_smb311signingkey,
- .calc_signature = smb3_calc_signature,
.set_integrity = smb3_set_integrity,
.is_read_op = smb21_is_read_op,
.set_oplock_level = smb3_set_oplock_level,
diff --git a/fs/smb/client/smb2proto.h b/fs/smb/client/smb2proto.h
index b3f1398c9f79..7e98fbe7bf33 100644
--- a/fs/smb/client/smb2proto.h
+++ b/fs/smb/client/smb2proto.h
@@ -39,12 +39,6 @@ extern struct mid_q_entry *smb2_setup_async_request(
struct TCP_Server_Info *server, struct smb_rqst *rqst);
extern struct cifs_tcon *smb2_find_smb_tcon(struct TCP_Server_Info *server,
__u64 ses_id, __u32 tid);
-extern int smb2_calc_signature(struct smb_rqst *rqst,
- struct TCP_Server_Info *server,
- bool allocate_crypto);
-extern int smb3_calc_signature(struct smb_rqst *rqst,
- struct TCP_Server_Info *server,
- bool allocate_crypto);
extern void smb2_echo_request(struct work_struct *work);
extern __le32 smb2_get_lease_state(struct cifsInodeInfo *cinode);
extern bool smb2_is_valid_oplock_break(char *buffer,
diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c
index 33f33013b392..916c131d763d 100644
--- a/fs/smb/client/smb2transport.c
+++ b/fs/smb/client/smb2transport.c
@@ -247,9 +247,9 @@ smb2_find_smb_tcon(struct TCP_Server_Info *server, __u64 ses_id, __u32 tid)
return tcon;
}
-int
+static int
smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
- bool allocate_crypto)
+ bool allocate_crypto)
{
int rc;
unsigned char smb2_signature[SMB2_HMACSHA256_SIZE];
@@ -576,9 +576,9 @@ generate_smb311signingkey(struct cifs_ses *ses,
return generate_smb3signingkey(ses, server, &triplet);
}
-int
+static int
smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
- bool allocate_crypto)
+ bool allocate_crypto)
{
int rc;
unsigned char smb3_signature[SMB2_CMACAES_SIZE];
@@ -589,6 +589,9 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
struct smb_rqst drqst;
u8 key[SMB3_SIGN_KEY_SIZE];
+ if ((server->vals->protocol_id & 0xf00) == 0x200)
+ return smb2_calc_signature(rqst, server, allocate_crypto);
+
rc = smb3_get_sign_key(le64_to_cpu(shdr->SessionId), server, key);
if (unlikely(rc)) {
cifs_server_dbg(FYI, "%s: Could not get signing key\n", __func__);
@@ -657,7 +660,6 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
static int
smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
{
- int rc = 0;
struct smb2_hdr *shdr;
struct smb2_sess_setup_req *ssr;
bool is_binding;
@@ -684,9 +686,7 @@ smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
return 0;
}
- rc = server->ops->calc_signature(rqst, server, false);
-
- return rc;
+ return smb3_calc_signature(rqst, server, false);
}
int
@@ -722,7 +722,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE);
- rc = server->ops->calc_signature(rqst, server, true);
+ rc = smb3_calc_signature(rqst, server, true);
if (rc)
return rc;Hi David,
On 10/20, David Howells wrote:
>As the SMB1 and SMB2/3 calc_signature functions are called from separate
>sign and verify paths, just call them directly rather than using a function
>pointer. The SMB3 calc_signature then jumps to the SMB2 variant if
>necessary.
>
>Signed-off-by: David Howells <dhowells@redhat.com>
>cc: Steve French <sfrench@samba.org>
>cc: Paulo Alcantara <pc@manguebit.org>
>cc: linux-cifs@vger.kernel.org
>cc: linux-fsdevel@vger.kernel.org
>---
> fs/smb/client/cifsglob.h | 2 --
> fs/smb/client/smb2ops.c | 4 ----
> fs/smb/client/smb2proto.h | 6 ------
> fs/smb/client/smb2transport.c | 18 +++++++++---------
> 4 files changed, 9 insertions(+), 21 deletions(-)
>
>diff --git a/fs/smb/client/cifsglob.h b/fs/smb/client/cifsglob.h
>index b91397dbb6aa..7297f0f01cb3 100644
>--- a/fs/smb/client/cifsglob.h
>+++ b/fs/smb/client/cifsglob.h
>@@ -536,8 +536,6 @@ struct smb_version_operations {
> void (*new_lease_key)(struct cifs_fid *);
> int (*generate_signingkey)(struct cifs_ses *ses,
> struct TCP_Server_Info *server);
>- int (*calc_signature)(struct smb_rqst *, struct TCP_Server_Info *,
>- bool allocate_crypto);
> int (*set_integrity)(const unsigned int, struct cifs_tcon *tcon,
> struct cifsFileInfo *src_file);
> int (*enum_snapshots)(const unsigned int xid, struct cifs_tcon *tcon,
>diff --git a/fs/smb/client/smb2ops.c b/fs/smb/client/smb2ops.c
>index 7c392cf5940b..66eee3440df6 100644
>--- a/fs/smb/client/smb2ops.c
>+++ b/fs/smb/client/smb2ops.c
>@@ -5446,7 +5446,6 @@ struct smb_version_operations smb20_operations = {
> .get_lease_key = smb2_get_lease_key,
> .set_lease_key = smb2_set_lease_key,
> .new_lease_key = smb2_new_lease_key,
>- .calc_signature = smb2_calc_signature,
> .is_read_op = smb2_is_read_op,
> .set_oplock_level = smb2_set_oplock_level,
> .create_lease_buf = smb2_create_lease_buf,
>@@ -5550,7 +5549,6 @@ struct smb_version_operations smb21_operations = {
> .get_lease_key = smb2_get_lease_key,
> .set_lease_key = smb2_set_lease_key,
> .new_lease_key = smb2_new_lease_key,
>- .calc_signature = smb2_calc_signature,
> .is_read_op = smb21_is_read_op,
> .set_oplock_level = smb21_set_oplock_level,
> .create_lease_buf = smb2_create_lease_buf,
>@@ -5660,7 +5658,6 @@ struct smb_version_operations smb30_operations = {
> .set_lease_key = smb2_set_lease_key,
> .new_lease_key = smb2_new_lease_key,
> .generate_signingkey = generate_smb30signingkey,
>- .calc_signature = smb3_calc_signature,
> .set_integrity = smb3_set_integrity,
> .is_read_op = smb21_is_read_op,
> .set_oplock_level = smb3_set_oplock_level,
>@@ -5777,7 +5774,6 @@ struct smb_version_operations smb311_operations = {
> .set_lease_key = smb2_set_lease_key,
> .new_lease_key = smb2_new_lease_key,
> .generate_signingkey = generate_smb311signingkey,
>- .calc_signature = smb3_calc_signature,
> .set_integrity = smb3_set_integrity,
> .is_read_op = smb21_is_read_op,
> .set_oplock_level = smb3_set_oplock_level,
>diff --git a/fs/smb/client/smb2proto.h b/fs/smb/client/smb2proto.h
>index b3f1398c9f79..7e98fbe7bf33 100644
>--- a/fs/smb/client/smb2proto.h
>+++ b/fs/smb/client/smb2proto.h
>@@ -39,12 +39,6 @@ extern struct mid_q_entry *smb2_setup_async_request(
> struct TCP_Server_Info *server, struct smb_rqst *rqst);
> extern struct cifs_tcon *smb2_find_smb_tcon(struct TCP_Server_Info *server,
> __u64 ses_id, __u32 tid);
>-extern int smb2_calc_signature(struct smb_rqst *rqst,
>- struct TCP_Server_Info *server,
>- bool allocate_crypto);
>-extern int smb3_calc_signature(struct smb_rqst *rqst,
>- struct TCP_Server_Info *server,
>- bool allocate_crypto);
> extern void smb2_echo_request(struct work_struct *work);
> extern __le32 smb2_get_lease_state(struct cifsInodeInfo *cinode);
> extern bool smb2_is_valid_oplock_break(char *buffer,
>diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c
>index 33f33013b392..916c131d763d 100644
>--- a/fs/smb/client/smb2transport.c
>+++ b/fs/smb/client/smb2transport.c
>@@ -247,9 +247,9 @@ smb2_find_smb_tcon(struct TCP_Server_Info *server, __u64 ses_id, __u32 tid)
> return tcon;
> }
>
>-int
>+static int
> smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
>- bool allocate_crypto)
>+ bool allocate_crypto)
> {
> int rc;
> unsigned char smb2_signature[SMB2_HMACSHA256_SIZE];
>@@ -576,9 +576,9 @@ generate_smb311signingkey(struct cifs_ses *ses,
> return generate_smb3signingkey(ses, server, &triplet);
> }
>
>-int
>+static int
> smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
>- bool allocate_crypto)
>+ bool allocate_crypto)
> {
> int rc;
> unsigned char smb3_signature[SMB2_CMACAES_SIZE];
>@@ -589,6 +589,9 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
> struct smb_rqst drqst;
> u8 key[SMB3_SIGN_KEY_SIZE];
>
>+ if ((server->vals->protocol_id & 0xf00) == 0x200)
Please use:
if (server->vals->protocol_id <= SMB21_PROT_ID)
Other than that
Acked-by: Enzo Matsumiya <ematsumiya@suse.de>
>+ return smb2_calc_signature(rqst, server, allocate_crypto);
>+
> rc = smb3_get_sign_key(le64_to_cpu(shdr->SessionId), server, key);
> if (unlikely(rc)) {
> cifs_server_dbg(FYI, "%s: Could not get signing key\n", __func__);
>@@ -657,7 +660,6 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
> static int
> smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
> {
>- int rc = 0;
> struct smb2_hdr *shdr;
> struct smb2_sess_setup_req *ssr;
> bool is_binding;
>@@ -684,9 +686,7 @@ smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
> return 0;
> }
>
>- rc = server->ops->calc_signature(rqst, server, false);
>-
>- return rc;
>+ return smb3_calc_signature(rqst, server, false);
> }
>
> int
>@@ -722,7 +722,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
>
> memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE);
>
>- rc = server->ops->calc_signature(rqst, server, true);
>+ rc = smb3_calc_signature(rqst, server, true);
>
> if (rc)
> return rc;
>
>
merged updated patch into cifs-2.6.git for-next (and also has Enzo Acked-by now)
On Mon, Oct 20, 2025 at 8:39 AM Enzo Matsumiya <ematsumiya@suse.de> wrote:
>
> Hi David,
>
> On 10/20, David Howells wrote:
> >As the SMB1 and SMB2/3 calc_signature functions are called from separate
> >sign and verify paths, just call them directly rather than using a function
> >pointer. The SMB3 calc_signature then jumps to the SMB2 variant if
> >necessary.
> >
> >Signed-off-by: David Howells <dhowells@redhat.com>
> >cc: Steve French <sfrench@samba.org>
> >cc: Paulo Alcantara <pc@manguebit.org>
> >cc: linux-cifs@vger.kernel.org
> >cc: linux-fsdevel@vger.kernel.org
> >---
> > fs/smb/client/cifsglob.h | 2 --
> > fs/smb/client/smb2ops.c | 4 ----
> > fs/smb/client/smb2proto.h | 6 ------
> > fs/smb/client/smb2transport.c | 18 +++++++++---------
> > 4 files changed, 9 insertions(+), 21 deletions(-)
> >
> >diff --git a/fs/smb/client/cifsglob.h b/fs/smb/client/cifsglob.h
> >index b91397dbb6aa..7297f0f01cb3 100644
> >--- a/fs/smb/client/cifsglob.h
> >+++ b/fs/smb/client/cifsglob.h
> >@@ -536,8 +536,6 @@ struct smb_version_operations {
> > void (*new_lease_key)(struct cifs_fid *);
> > int (*generate_signingkey)(struct cifs_ses *ses,
> > struct TCP_Server_Info *server);
> >- int (*calc_signature)(struct smb_rqst *, struct TCP_Server_Info *,
> >- bool allocate_crypto);
> > int (*set_integrity)(const unsigned int, struct cifs_tcon *tcon,
> > struct cifsFileInfo *src_file);
> > int (*enum_snapshots)(const unsigned int xid, struct cifs_tcon *tcon,
> >diff --git a/fs/smb/client/smb2ops.c b/fs/smb/client/smb2ops.c
> >index 7c392cf5940b..66eee3440df6 100644
> >--- a/fs/smb/client/smb2ops.c
> >+++ b/fs/smb/client/smb2ops.c
> >@@ -5446,7 +5446,6 @@ struct smb_version_operations smb20_operations = {
> > .get_lease_key = smb2_get_lease_key,
> > .set_lease_key = smb2_set_lease_key,
> > .new_lease_key = smb2_new_lease_key,
> >- .calc_signature = smb2_calc_signature,
> > .is_read_op = smb2_is_read_op,
> > .set_oplock_level = smb2_set_oplock_level,
> > .create_lease_buf = smb2_create_lease_buf,
> >@@ -5550,7 +5549,6 @@ struct smb_version_operations smb21_operations = {
> > .get_lease_key = smb2_get_lease_key,
> > .set_lease_key = smb2_set_lease_key,
> > .new_lease_key = smb2_new_lease_key,
> >- .calc_signature = smb2_calc_signature,
> > .is_read_op = smb21_is_read_op,
> > .set_oplock_level = smb21_set_oplock_level,
> > .create_lease_buf = smb2_create_lease_buf,
> >@@ -5660,7 +5658,6 @@ struct smb_version_operations smb30_operations = {
> > .set_lease_key = smb2_set_lease_key,
> > .new_lease_key = smb2_new_lease_key,
> > .generate_signingkey = generate_smb30signingkey,
> >- .calc_signature = smb3_calc_signature,
> > .set_integrity = smb3_set_integrity,
> > .is_read_op = smb21_is_read_op,
> > .set_oplock_level = smb3_set_oplock_level,
> >@@ -5777,7 +5774,6 @@ struct smb_version_operations smb311_operations = {
> > .set_lease_key = smb2_set_lease_key,
> > .new_lease_key = smb2_new_lease_key,
> > .generate_signingkey = generate_smb311signingkey,
> >- .calc_signature = smb3_calc_signature,
> > .set_integrity = smb3_set_integrity,
> > .is_read_op = smb21_is_read_op,
> > .set_oplock_level = smb3_set_oplock_level,
> >diff --git a/fs/smb/client/smb2proto.h b/fs/smb/client/smb2proto.h
> >index b3f1398c9f79..7e98fbe7bf33 100644
> >--- a/fs/smb/client/smb2proto.h
> >+++ b/fs/smb/client/smb2proto.h
> >@@ -39,12 +39,6 @@ extern struct mid_q_entry *smb2_setup_async_request(
> > struct TCP_Server_Info *server, struct smb_rqst *rqst);
> > extern struct cifs_tcon *smb2_find_smb_tcon(struct TCP_Server_Info *server,
> > __u64 ses_id, __u32 tid);
> >-extern int smb2_calc_signature(struct smb_rqst *rqst,
> >- struct TCP_Server_Info *server,
> >- bool allocate_crypto);
> >-extern int smb3_calc_signature(struct smb_rqst *rqst,
> >- struct TCP_Server_Info *server,
> >- bool allocate_crypto);
> > extern void smb2_echo_request(struct work_struct *work);
> > extern __le32 smb2_get_lease_state(struct cifsInodeInfo *cinode);
> > extern bool smb2_is_valid_oplock_break(char *buffer,
> >diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c
> >index 33f33013b392..916c131d763d 100644
> >--- a/fs/smb/client/smb2transport.c
> >+++ b/fs/smb/client/smb2transport.c
> >@@ -247,9 +247,9 @@ smb2_find_smb_tcon(struct TCP_Server_Info *server, __u64 ses_id, __u32 tid)
> > return tcon;
> > }
> >
> >-int
> >+static int
> > smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
> >- bool allocate_crypto)
> >+ bool allocate_crypto)
> > {
> > int rc;
> > unsigned char smb2_signature[SMB2_HMACSHA256_SIZE];
> >@@ -576,9 +576,9 @@ generate_smb311signingkey(struct cifs_ses *ses,
> > return generate_smb3signingkey(ses, server, &triplet);
> > }
> >
> >-int
> >+static int
> > smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
> >- bool allocate_crypto)
> >+ bool allocate_crypto)
> > {
> > int rc;
> > unsigned char smb3_signature[SMB2_CMACAES_SIZE];
> >@@ -589,6 +589,9 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
> > struct smb_rqst drqst;
> > u8 key[SMB3_SIGN_KEY_SIZE];
> >
> >+ if ((server->vals->protocol_id & 0xf00) == 0x200)
>
> Please use:
>
> if (server->vals->protocol_id <= SMB21_PROT_ID)
>
> Other than that
>
> Acked-by: Enzo Matsumiya <ematsumiya@suse.de>
>
> >+ return smb2_calc_signature(rqst, server, allocate_crypto);
> >+
> > rc = smb3_get_sign_key(le64_to_cpu(shdr->SessionId), server, key);
> > if (unlikely(rc)) {
> > cifs_server_dbg(FYI, "%s: Could not get signing key\n", __func__);
> >@@ -657,7 +660,6 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server,
> > static int
> > smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
> > {
> >- int rc = 0;
> > struct smb2_hdr *shdr;
> > struct smb2_sess_setup_req *ssr;
> > bool is_binding;
> >@@ -684,9 +686,7 @@ smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
> > return 0;
> > }
> >
> >- rc = server->ops->calc_signature(rqst, server, false);
> >-
> >- return rc;
> >+ return smb3_calc_signature(rqst, server, false);
> > }
> >
> > int
> >@@ -722,7 +722,7 @@ smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
> >
> > memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE);
> >
> >- rc = server->ops->calc_signature(rqst, server, true);
> >+ rc = smb3_calc_signature(rqst, server, true);
> >
> > if (rc)
> > return rc;
> >
> >
>
--
Thanks,
Steve
© 2016 - 2026 Red Hat, Inc.