From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8AEBB1D5CD4; Sun, 12 Oct 2025 01:59:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234385; cv=none; b=rkg/cw7MEdnDzc1HMyH0CiAJcL9hPdEjXK0E+H9JIHyTr5A+Qnqjl7cj/C5wyEeX5W93jailX75pmgZPBW+SLMlNYtWKP5j/7ilpWqOZZmbHpkzoJp+TApmLpb/KsAMVO9G7uheUptiVbwdp3MM402HxQvB0aPf8ObeXTS0hZbI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234385; c=relaxed/simple; bh=gce5OUBuQc+Smg+z6s1ygjYENWqF7SJkJMMmMZMOOlE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=F8cNSLpLhuPdDBorZXI3F6QFuvi5uqVp54r6KNcuWBYCg8OZyeNl9Y24tEN5fXRuQGD2lc0JngLoCR7cDKl75LoXUXozRUK5dzYnsGlBjsObY6s7LOwnKcPtDKtC/DvB61ohXPDABxiJL7aGZF7loJg3KGLoeeYgaVFqguxj+b8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fOFa2Bgf; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fOFa2Bgf" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D2841C116B1; Sun, 12 Oct 2025 01:59:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234385; bh=gce5OUBuQc+Smg+z6s1ygjYENWqF7SJkJMMmMZMOOlE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fOFa2BgfmrnYt+k/zVIQi5A9Wk/A4ED+EuqcaUmW4vXpAVYR8NzprTQBkGMKK5FXB R6I8IQoKlWRD0gZSEOFcml9VksATsuEGH/VnUWOhljv8HDNUXQRAXGosI9iMjwOmXp G05ABTRcYlnmzRyBVuDx7rJgyfUFaNM7xnfiLXxunkzkNnhzMhmdn2DOBT8YO4/rPX WH5lsxHRKZQEVGA+8ri7GrjU5XjkapQrlQkqWMMiOao7OjL0zLCtmJB/m6htFt06gS S/VkCNm2eIWHMNIuoX2smph16xRf/WhjuBe+LLBqqJ3wXsmQEMsK7017I3TLqSkODm A7F1AA4qzGxig== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 1/8] smb: client: Use SHA-512 library for SMB3.1.1 preauth hash Date: Sat, 11 Oct 2025 18:57:31 -0700 Message-ID: <20251012015738.244315-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Convert smb311_update_preauth_hash() to use the SHA-512 library instead of a "sha512" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the SHA-512 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. Remove the call to smb311_crypto_shash_allocate() from smb311_update_preauth_hash(), since it appears to have been needed only to allocate the "sha512" crypto_shash. (It also had the side effect of allocating the "cmac(aes)" crypto_shash, but that's also done in generate_key() which is where the AES-CMAC key is initialized.) For now the "sha512" crypto_shash is still being allocated elsewhere. It will be removed in a later commit. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/Kconfig | 1 + fs/smb/client/smb2misc.c | 53 +++++++++------------------------------ fs/smb/client/smb2proto.h | 6 ++--- 3 files changed, 16 insertions(+), 44 deletions(-) diff --git a/fs/smb/client/Kconfig b/fs/smb/client/Kconfig index a4c02199fef48..4ac79ff5649bf 100644 --- a/fs/smb/client/Kconfig +++ b/fs/smb/client/Kconfig @@ -14,10 +14,11 @@ config CIFS select CRYPTO_CCM select CRYPTO_GCM select CRYPTO_ECB select CRYPTO_AES select CRYPTO_LIB_ARC4 + select CRYPTO_LIB_SHA512 select KEYS select DNS_RESOLVER select ASN1 select OID_REGISTRY select NETFS_SUPPORT diff --git a/fs/smb/client/smb2misc.c b/fs/smb/client/smb2misc.c index 89d933b4a8bc2..96bfe4c63ccf9 100644 --- a/fs/smb/client/smb2misc.c +++ b/fs/smb/client/smb2misc.c @@ -5,10 +5,11 @@ * Etersoft, 2012 * Author(s): Steve French (sfrench@us.ibm.com) * Pavel Shilovsky (pshilovsky@samba.org) 2012 * */ +#include #include #include "cifsglob.h" #include "cifsproto.h" #include "smb2proto.h" #include "cifs_debug.h" @@ -886,17 +887,17 @@ smb2_handle_cancelled_mid(struct mid_q_entry *mid, st= ruct TCP_Server_Info *serve * @ses: server session structure * @server: pointer to server info * @iov: array containing the SMB request we will send to the server * @nvec: number of array entries for the iov */ -int +void smb311_update_preauth_hash(struct cifs_ses *ses, struct TCP_Server_Info *s= erver, struct kvec *iov, int nvec) { - int i, rc; + int i; struct smb2_hdr *hdr; - struct shash_desc *sha512 =3D NULL; + struct sha512_ctx sha_ctx; =20 hdr =3D (struct smb2_hdr *)iov[0].iov_base; /* neg prot are always taken */ if (hdr->Command =3D=3D SMB2_NEGOTIATE) goto ok; @@ -905,54 +906,24 @@ smb311_update_preauth_hash(struct cifs_ses *ses, stru= ct TCP_Server_Info *server, * If we process a command which wasn't a negprot it means the * neg prot was already done, so the server dialect was set * and we can test it. Preauth requires 3.1.1 for now. */ if (server->dialect !=3D SMB311_PROT_ID) - return 0; + return; =20 if (hdr->Command !=3D SMB2_SESSION_SETUP) - return 0; + return; =20 /* skip last sess setup response */ if ((hdr->Flags & SMB2_FLAGS_SERVER_TO_REDIR) && (hdr->Status =3D=3D NT_STATUS_OK || (hdr->Status !=3D cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED)))) - return 0; + return; =20 ok: - rc =3D smb311_crypto_shash_allocate(server); - if (rc) - return rc; - - sha512 =3D server->secmech.sha512; - rc =3D crypto_shash_init(sha512); - if (rc) { - cifs_dbg(VFS, "%s: Could not init sha512 shash\n", __func__); - return rc; - } - - rc =3D crypto_shash_update(sha512, ses->preauth_sha_hash, - SMB2_PREAUTH_HASH_SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not update sha512 shash\n", __func__); - return rc; - } - - for (i =3D 0; i < nvec; i++) { - rc =3D crypto_shash_update(sha512, iov[i].iov_base, iov[i].iov_len); - if (rc) { - cifs_dbg(VFS, "%s: Could not update sha512 shash\n", - __func__); - return rc; - } - } - - rc =3D crypto_shash_final(sha512, ses->preauth_sha_hash); - if (rc) { - cifs_dbg(VFS, "%s: Could not finalize sha512 shash\n", - __func__); - return rc; - } - - return 0; + sha512_init(&sha_ctx); + sha512_update(&sha_ctx, ses->preauth_sha_hash, SMB2_PREAUTH_HASH_SIZE); + for (i =3D 0; i < nvec; i++) + sha512_update(&sha_ctx, iov[i].iov_base, iov[i].iov_len); + sha512_final(&sha_ctx, ses->preauth_sha_hash); } diff --git a/fs/smb/client/smb2proto.h b/fs/smb/client/smb2proto.h index b3f1398c9f790..e7cda885c39f0 100644 --- a/fs/smb/client/smb2proto.h +++ b/fs/smb/client/smb2proto.h @@ -294,13 +294,13 @@ extern int smb2_validate_and_copy_iov(unsigned int of= fset, unsigned int minbufsize, char *data); extern void smb2_copy_fs_info_to_kstatfs( struct smb2_fs_full_size_info *pfs_inf, struct kstatfs *kst); extern int smb311_crypto_shash_allocate(struct TCP_Server_Info *server); -extern int smb311_update_preauth_hash(struct cifs_ses *ses, - struct TCP_Server_Info *server, - struct kvec *iov, int nvec); +extern void smb311_update_preauth_hash(struct cifs_ses *ses, + struct TCP_Server_Info *server, + struct kvec *iov, int nvec); extern int smb2_query_info_compound(const unsigned int xid, struct cifs_tcon *tcon, const char *path, u32 desired_access, u32 class, u32 type, u32 output_len, struct kvec *rsp, int *buftype, --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 020B51DC198; Sun, 12 Oct 2025 01:59:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234386; cv=none; b=Q1jtoL9HIBolQ3IB0N2JEIKXSuRDikoFdRXRq5CmpQI9iRVIJvqJ0vHjBBGkn0Vq3u4OqvYzpuRHUM6USZphvTngz/gnvz3jy0787LYeGTtng3w45RaOBuyqMRgS0HNN8+NYZ0PX9ahl/huQagHX6HvuRAL9f4dCtLca+KE2WSo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234386; c=relaxed/simple; bh=CFwwvsQDJoXU8kuloHYUxNSwdl7+OvrAbXEAKBrRTe8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oCojj8RytR7aVz5B7VwfcbsGNbrsMssAaOw88wZkA5YRG5Uf+XCgUvk9csq3X4FedRRO9us4jcOhv/JB5fBPNkRPXygcg3CSFgH900VMLeZ1mkFcfTs2/Uy0TclHzgfuyP/6rcvnJtk8fRyen7ft++/Ve3HQnIj3uugAeutpRQ4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jmS8iJ5w; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jmS8iJ5w" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5404AC4CEF9; Sun, 12 Oct 2025 01:59:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234385; bh=CFwwvsQDJoXU8kuloHYUxNSwdl7+OvrAbXEAKBrRTe8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=jmS8iJ5wZo2v/APcs9jWMtqsxbTgtSEjmDdCu3oDUiknoCMzKkmOgdUHCWJrTbS4b Hzdb53bi94VrmBLcx4CTAuh9o7ywWsWBwefpoism2V1G2DirNqoov69rz9yPowI1do MpiGiKdO27bAp2jPhYah4+CFjj7HOmkZ77JJXyM7uz2Q5Tou6/TZ/wJ0i2X2xDG2AQ j55ePl7Sokh6zCyzTEz+JU83ofSsWCNBIr1YgJSk7+VKi2+5ZddUDp9QzHjgwlpCTe E/zotRg8dClJx0KKFWz5Kv/yfR3JgYJfwCoYCkSrkO3pEqXVecMen/zRkCR3iQoj8K lX2n9F70kELcw== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 2/8] smb: client: Use HMAC-SHA256 library for key generation Date: Sat, 11 Oct 2025 18:57:32 -0700 Message-ID: <20251012015738.244315-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Convert generate_key() to use the HMAC-SHA256 library instead of a "hmac(sha256)" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the HMAC-SHA256 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. Also remove the unnecessary 'hashptr' variable. For now smb3_crypto_shash_allocate() still allocates a "hmac(sha256)" crypto_shash. It will be removed in a later commit. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/Kconfig | 1 + fs/smb/client/smb2transport.c | 68 ++++++++--------------------------- 2 files changed, 15 insertions(+), 54 deletions(-) diff --git a/fs/smb/client/Kconfig b/fs/smb/client/Kconfig index 4ac79ff5649bf..f0c1ff8544f67 100644 --- a/fs/smb/client/Kconfig +++ b/fs/smb/client/Kconfig @@ -14,10 +14,11 @@ config CIFS select CRYPTO_CCM select CRYPTO_GCM select CRYPTO_ECB select CRYPTO_AES select CRYPTO_LIB_ARC4 + select CRYPTO_LIB_SHA256 select CRYPTO_LIB_SHA512 select KEYS select DNS_RESOLVER select ASN1 select OID_REGISTRY diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c index 33f33013b3927..bde96eace8c94 100644 --- a/fs/smb/client/smb2transport.c +++ b/fs/smb/client/smb2transport.c @@ -17,10 +17,11 @@ #include #include #include #include #include +#include #include "cifsglob.h" #include "cifsproto.h" #include "smb2proto.h" #include "cifs_debug.h" #include "../common/smb2status.h" @@ -334,80 +335,39 @@ static int generate_key(struct cifs_ses *ses, struct = kvec label, __u8 i[4] =3D {0, 0, 0, 1}; __u8 L128[4] =3D {0, 0, 0, 128}; __u8 L256[4] =3D {0, 0, 1, 0}; int rc =3D 0; unsigned char prfhash[SMB2_HMACSHA256_SIZE]; - unsigned char *hashptr =3D prfhash; struct TCP_Server_Info *server =3D ses->server; + struct hmac_sha256_ctx hmac_ctx; =20 memset(prfhash, 0x0, SMB2_HMACSHA256_SIZE); memset(key, 0x0, key_size); =20 rc =3D smb3_crypto_shash_allocate(server); if (rc) { cifs_server_dbg(VFS, "%s: crypto alloc failed\n", __func__); - goto smb3signkey_ret; - } - - rc =3D crypto_shash_setkey(server->secmech.hmacsha256->tfm, - ses->auth_key.response, SMB2_NTLMV2_SESSKEY_SIZE); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not set with session key\n", __func__); - goto smb3signkey_ret; - } - - rc =3D crypto_shash_init(server->secmech.hmacsha256); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not init sign hmac\n", __func__); - goto smb3signkey_ret; - } - - rc =3D crypto_shash_update(server->secmech.hmacsha256, i, 4); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not update with n\n", __func__); - goto smb3signkey_ret; - } - - rc =3D crypto_shash_update(server->secmech.hmacsha256, label.iov_base, la= bel.iov_len); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not update with label\n", __func__); - goto smb3signkey_ret; - } - - rc =3D crypto_shash_update(server->secmech.hmacsha256, &zero, 1); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not update with zero\n", __func__); - goto smb3signkey_ret; + return rc; } =20 - rc =3D crypto_shash_update(server->secmech.hmacsha256, context.iov_base, = context.iov_len); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not update with context\n", __func__); - goto smb3signkey_ret; - } + hmac_sha256_init_usingrawkey(&hmac_ctx, ses->auth_key.response, + SMB2_NTLMV2_SESSKEY_SIZE); + hmac_sha256_update(&hmac_ctx, i, 4); + hmac_sha256_update(&hmac_ctx, label.iov_base, label.iov_len); + hmac_sha256_update(&hmac_ctx, &zero, 1); + hmac_sha256_update(&hmac_ctx, context.iov_base, context.iov_len); =20 if ((server->cipher_type =3D=3D SMB2_ENCRYPTION_AES256_CCM) || (server->cipher_type =3D=3D SMB2_ENCRYPTION_AES256_GCM)) { - rc =3D crypto_shash_update(server->secmech.hmacsha256, L256, 4); + hmac_sha256_update(&hmac_ctx, L256, 4); } else { - rc =3D crypto_shash_update(server->secmech.hmacsha256, L128, 4); - } - if (rc) { - cifs_server_dbg(VFS, "%s: Could not update with L\n", __func__); - goto smb3signkey_ret; + hmac_sha256_update(&hmac_ctx, L128, 4); } + hmac_sha256_final(&hmac_ctx, prfhash); =20 - rc =3D crypto_shash_final(server->secmech.hmacsha256, hashptr); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not generate sha256 hash\n", __func__); - goto smb3signkey_ret; - } - - memcpy(key, hashptr, key_size); - -smb3signkey_ret: - return rc; + memcpy(key, prfhash, key_size); + return 0; } =20 struct derivation { struct kvec label; struct kvec context; --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9445D1DF75B; Sun, 12 Oct 2025 01:59:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234386; cv=none; b=LfbWehseQbOUNh3LmipSEnOfAuFWeyug5K7n1bsGovq2zzVLUejmQvSD6+770YEGSXX5hhXVsz2Tg6VqPGkFQQSFlaaIVUSvtAlHxKQ6L/xqEjzUch+YHdnaO8iWDSW4Sgg6U3cZsq6HtKix0LFzkYDCbScTq77IoVyLDd22Bv8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234386; c=relaxed/simple; bh=jA2FZfxhMt+Si3tAOFKV6vLTDHlRUvrqQRWqaoJ6Ieo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DhXS7o7FHPaXx2HkwcovLj8FAih4sE/iOdCP2Mfa4xXaUeiFPf9IqTimeieLJp+GbeVlgP+tMAWNYg3gSMHJ0w+I2lid6/iezCMy5NM7R1PXcePgOJVWeyoBbUx9zvgyMkcr8tBxRr+03EgeaR15oKnslhiLPrpsEeAXqUlg2SU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kGIj1BEK; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kGIj1BEK" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CA03CC113D0; Sun, 12 Oct 2025 01:59:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234386; bh=jA2FZfxhMt+Si3tAOFKV6vLTDHlRUvrqQRWqaoJ6Ieo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kGIj1BEKaeQNdOQJatY5joQ+mhAEmceSlsKZ07M995GmsWcevhNyI72yekQyflvmp OiAIf64Khoz1HHwJUrEoFFPNqxg9NUCl3F/OT8GNHVyZwFailW5Pp/6aBXpMyYDUIr 03FqqwtTUIKAIhQ4tdDkNXMDign9Tsmeo5XOQQHV/KjsxC5D+wXHsT/T574vEK541j wAV28xUb+Kl3sAWuBwlLzHyB0WsjIiAgakUex4oHzXFA90fx9Kj97vS6pKWalVs3Zk AhCOpaItBbULbLBgSSomWvKyIJLr5Yu0LioaEi9dugeSNddJO8f0544w4h07bPjjqv fobeEWN+6MWWg== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 3/8] smb: client: Use HMAC-SHA256 library for SMB2 signature calculation Date: Sat, 11 Oct 2025 18:57:33 -0700 Message-ID: <20251012015738.244315-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Convert smb2_calc_signature() to use the HMAC-SHA256 library instead of a "hmac(sha256)" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the HMAC-SHA256 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. To make this possible, make __cifs_calc_signature() support both the HMAC-SHA256 library and crypto_shash. (crypto_shash is still needed for HMAC-MD5 and AES-CMAC. A later commit will switch HMAC-MD5 from shash to the library. I'd like to eventually do the same for AES-CMAC, but it doesn't have a library API yet. So for now, shash is still needed.) Also remove the unnecessary 'sigptr' variable. For now smb3_crypto_shash_allocate() still allocates a "hmac(sha256)" crypto_shash. It will be removed in a later commit. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/cifsencrypt.c | 52 +++++++++++++++++++++++----------- fs/smb/client/cifsproto.h | 9 ++++-- fs/smb/client/smb2transport.c | 53 ++++++++--------------------------- 3 files changed, 53 insertions(+), 61 deletions(-) diff --git a/fs/smb/client/cifsencrypt.c b/fs/smb/client/cifsencrypt.c index 7b7c8c38fdd08..9522088a1cfb7 100644 --- a/fs/smb/client/cifsencrypt.c +++ b/fs/smb/client/cifsencrypt.c @@ -22,43 +22,62 @@ #include #include #include #include #include +#include =20 -static size_t cifs_shash_step(void *iter_base, size_t progress, size_t len, - void *priv, void *priv2) +static int cifs_sig_update(struct cifs_calc_sig_ctx *ctx, + const u8 *data, size_t len) { - struct shash_desc *shash =3D priv; + if (ctx->hmac) { + hmac_sha256_update(ctx->hmac, data, len); + return 0; + } + return crypto_shash_update(ctx->shash, data, len); +} + +static int cifs_sig_final(struct cifs_calc_sig_ctx *ctx, u8 *out) +{ + if (ctx->hmac) { + hmac_sha256_final(ctx->hmac, out); + return 0; + } + return crypto_shash_final(ctx->shash, out); +} + +static size_t cifs_sig_step(void *iter_base, size_t progress, size_t len, + void *priv, void *priv2) +{ + struct cifs_calc_sig_ctx *ctx =3D priv; int ret, *pret =3D priv2; =20 - ret =3D crypto_shash_update(shash, iter_base, len); + ret =3D cifs_sig_update(ctx, iter_base, len); if (ret < 0) { *pret =3D ret; return len; } return 0; } =20 /* * Pass the data from an iterator into a hash. */ -static int cifs_shash_iter(const struct iov_iter *iter, size_t maxsize, - struct shash_desc *shash) +static int cifs_sig_iter(const struct iov_iter *iter, size_t maxsize, + struct cifs_calc_sig_ctx *ctx) { struct iov_iter tmp_iter =3D *iter; int err =3D -EIO; =20 - if (iterate_and_advance_kernel(&tmp_iter, maxsize, shash, &err, - cifs_shash_step) !=3D maxsize) + if (iterate_and_advance_kernel(&tmp_iter, maxsize, ctx, &err, + cifs_sig_step) !=3D maxsize) return err; return 0; } =20 -int __cifs_calc_signature(struct smb_rqst *rqst, - struct TCP_Server_Info *server, char *signature, - struct shash_desc *shash) +int __cifs_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *s= erver, + char *signature, struct cifs_calc_sig_ctx *ctx) { int i; ssize_t rc; struct kvec *iov =3D rqst->rq_iov; int n_vec =3D rqst->rq_nvec; @@ -80,24 +99,23 @@ int __cifs_calc_signature(struct smb_rqst *rqst, if (iov[i].iov_base =3D=3D NULL) { cifs_dbg(VFS, "null iovec entry\n"); return -EIO; } =20 - rc =3D crypto_shash_update(shash, - iov[i].iov_base, iov[i].iov_len); + rc =3D cifs_sig_update(ctx, iov[i].iov_base, iov[i].iov_len); if (rc) { cifs_dbg(VFS, "%s: Could not update with payload\n", __func__); return rc; } } =20 - rc =3D cifs_shash_iter(&rqst->rq_iter, iov_iter_count(&rqst->rq_iter), sh= ash); + rc =3D cifs_sig_iter(&rqst->rq_iter, iov_iter_count(&rqst->rq_iter), ctx); if (rc < 0) return rc; =20 - rc =3D crypto_shash_final(shash, signature); + rc =3D cifs_sig_final(ctx, signature); if (rc) cifs_dbg(VFS, "%s: Could not generate hash\n", __func__); =20 return rc; } @@ -132,11 +150,13 @@ static int cifs_calc_signature(struct smb_rqst *rqst, if (rc) { cifs_dbg(VFS, "%s: Could not update with response\n", __func__); return rc; } =20 - return __cifs_calc_signature(rqst, server, signature, server->secmech.md5= ); + return __cifs_calc_signature( + rqst, server, signature, + &(struct cifs_calc_sig_ctx){ .shash =3D server->secmech.md5 }); } =20 /* must be called with server->srv_mutex held */ int cifs_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server, __u32 *pexpected_response_sequence_number) diff --git a/fs/smb/client/cifsproto.h b/fs/smb/client/cifsproto.h index e8fba98690ce3..3bb74eea0e4ff 100644 --- a/fs/smb/client/cifsproto.h +++ b/fs/smb/client/cifsproto.h @@ -630,13 +630,16 @@ int cifs_query_mf_symlink(unsigned int xid, struct ci= fs_tcon *tcon, unsigned int *pbytes_read); int cifs_create_mf_symlink(unsigned int xid, struct cifs_tcon *tcon, struct cifs_sb_info *cifs_sb, const unsigned char *path, char *pbuf, unsigned int *pbytes_written); -int __cifs_calc_signature(struct smb_rqst *rqst, - struct TCP_Server_Info *server, char *signature, - struct shash_desc *shash); +struct cifs_calc_sig_ctx { + struct hmac_sha256_ctx *hmac; + struct shash_desc *shash; +}; +int __cifs_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *s= erver, + char *signature, struct cifs_calc_sig_ctx *ctx); enum securityEnum cifs_select_sectype(struct TCP_Server_Info *, enum securityEnum); =20 int cifs_alloc_hash(const char *name, struct shash_desc **sdesc); void cifs_free_hash(struct shash_desc **sdesc); diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c index bde96eace8c94..89258accc2203 100644 --- a/fs/smb/client/smb2transport.c +++ b/fs/smb/client/smb2transport.c @@ -252,14 +252,13 @@ int smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, bool allocate_crypto) { int rc; unsigned char smb2_signature[SMB2_HMACSHA256_SIZE]; - unsigned char *sigptr =3D smb2_signature; struct kvec *iov =3D rqst->rq_iov; struct smb2_hdr *shdr =3D (struct smb2_hdr *)iov[0].iov_base; - struct shash_desc *shash =3D NULL; + struct hmac_sha256_ctx hmac_ctx; struct smb_rqst drqst; __u64 sid =3D le64_to_cpu(shdr->SessionId); u8 key[SMB2_NTLMV2_SESSKEY_SIZE]; =20 rc =3D smb2_get_sign_key(server, sid, key); @@ -270,63 +269,32 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP= _Server_Info *server, } =20 memset(smb2_signature, 0x0, SMB2_HMACSHA256_SIZE); memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE); =20 - if (allocate_crypto) { - rc =3D cifs_alloc_hash("hmac(sha256)", &shash); - if (rc) { - cifs_server_dbg(VFS, - "%s: sha256 alloc failed\n", __func__); - goto out; - } - } else { - shash =3D server->secmech.hmacsha256; - } - - rc =3D crypto_shash_setkey(shash->tfm, key, sizeof(key)); - if (rc) { - cifs_server_dbg(VFS, - "%s: Could not update with response\n", - __func__); - goto out; - } - - rc =3D crypto_shash_init(shash); - if (rc) { - cifs_server_dbg(VFS, "%s: Could not init sha256", __func__); - goto out; - } + hmac_sha256_init_usingrawkey(&hmac_ctx, key, sizeof(key)); =20 /* * For SMB2+, __cifs_calc_signature() expects to sign only the actual * data, that is, iov[0] should not contain a rfc1002 length. * * Sign the rfc1002 length prior to passing the data (iov[1-N]) down to * __cifs_calc_signature(). */ drqst =3D *rqst; if (drqst.rq_nvec >=3D 2 && iov[0].iov_len =3D=3D 4) { - rc =3D crypto_shash_update(shash, iov[0].iov_base, - iov[0].iov_len); - if (rc) { - cifs_server_dbg(VFS, - "%s: Could not update with payload\n", - __func__); - goto out; - } + hmac_sha256_update(&hmac_ctx, iov[0].iov_base, iov[0].iov_len); drqst.rq_iov++; drqst.rq_nvec--; } =20 - rc =3D __cifs_calc_signature(&drqst, server, sigptr, shash); + rc =3D __cifs_calc_signature( + &drqst, server, smb2_signature, + &(struct cifs_calc_sig_ctx){ .hmac =3D &hmac_ctx }); if (!rc) - memcpy(shdr->Signature, sigptr, SMB2_SIGNATURE_SIZE); + memcpy(shdr->Signature, smb2_signature, SMB2_SIGNATURE_SIZE); =20 -out: - if (allocate_crypto) - cifs_free_hash(&shash); return rc; } =20 static int generate_key(struct cifs_ses *ses, struct kvec label, struct kvec context, __u8 *key, unsigned int key_size) @@ -540,11 +508,10 @@ int smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, bool allocate_crypto) { int rc; unsigned char smb3_signature[SMB2_CMACAES_SIZE]; - unsigned char *sigptr =3D smb3_signature; struct kvec *iov =3D rqst->rq_iov; struct smb2_hdr *shdr =3D (struct smb2_hdr *)iov[0].iov_base; struct shash_desc *shash =3D NULL; struct smb_rqst drqst; u8 key[SMB3_SIGN_KEY_SIZE]; @@ -601,13 +568,15 @@ smb3_calc_signature(struct smb_rqst *rqst, struct TCP= _Server_Info *server, } drqst.rq_iov++; drqst.rq_nvec--; } =20 - rc =3D __cifs_calc_signature(&drqst, server, sigptr, shash); + rc =3D __cifs_calc_signature( + &drqst, server, smb3_signature, + &(struct cifs_calc_sig_ctx){ .shash =3D shash }); if (!rc) - memcpy(shdr->Signature, sigptr, SMB2_SIGNATURE_SIZE); + memcpy(shdr->Signature, smb3_signature, SMB2_SIGNATURE_SIZE); =20 out: if (allocate_crypto) cifs_free_hash(&shash); return rc; --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC9E81E0DFE; Sun, 12 Oct 2025 01:59:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234386; cv=none; b=ZXTNC9rzzv9yA2aihBrcPYHoPR1DVtnwtL7CpDg4OohDWAC/LsW9K1wYFDSo5W8BOvVSHLzCosbH1zm0UMsrf4ydPFc+x3c1oNqgAU4SWPgO9Dz8vNPjCIOrrBGht5/B4w7hv/TSEY2w3ixkcn+6zR1T6l2DyIZkXUBKwbMdSaY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234386; c=relaxed/simple; bh=JhHxre8sN4Y1ugTTLTf0Yhjkw9zjfabtQaNOSXJn+OU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=LJfx5kYoDJ793c6IWdsQxqk2ZM0natXQWefZestdKuzeXbRvVuYOFvpzNuy4/h9XKxEC8k5idvWCF2I0h6qKjwDo6xaMkfCQQ8k1B6Oj/ghavo0TeFF/fbqq7MEMCFPnr7A/fGjGWVXEIpSk2hcJFVE2pIqOzZcuy4xj1w3XgeM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=sa30SE0+; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="sa30SE0+" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4B95FC4CEF9; Sun, 12 Oct 2025 01:59:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234386; bh=JhHxre8sN4Y1ugTTLTf0Yhjkw9zjfabtQaNOSXJn+OU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=sa30SE0+EqxZyaE63NhzySKXds81BVuFMAZIUhwiffgHWzABbBQG9NAjqIu+fSede Lj6Yg9xae/goWaRuySxh19XVDzLc2RvVXi1PlRkEEMcxkamzBipF/MaRwEAOZjpn1J eUHBmHbENwi3UefeoAd82vZsHef4xD8JxgFac9lCFnanOmSv1jn2GRD7qFOvS0ILOy n2bHdgtImzZJvS23Skuhze89+6SkEmkyGaAAaiCiCnn7V6tAj+feLqAUQVDxCCW2Aa H/Ib5LxeJy4VzXQOgdCsSKfGPaAdT3+XrQ2sC1Ju+xVULfUu0dXwDGaQyEjpG7bm+5 e7izBmIHvV+HA== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 4/8] smb: client: Use MD5 library for M-F symlink hashing Date: Sat, 11 Oct 2025 18:57:34 -0700 Message-ID: <20251012015738.244315-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Convert parse_mf_symlink() and format_mf_symlink() to use the MD5 library instead of a "md5" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the MD5 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. This also fixes an issue where these functions did not work on kernels booted in FIPS mode. The use of MD5 here is for data integrity rather than a security purpose, so it can use a non-FIPS-approved algorithm. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/Kconfig | 1 + fs/smb/client/link.c | 31 +++---------------------------- 2 files changed, 4 insertions(+), 28 deletions(-) diff --git a/fs/smb/client/Kconfig b/fs/smb/client/Kconfig index f0c1ff8544f67..f5a980bdfc939 100644 --- a/fs/smb/client/Kconfig +++ b/fs/smb/client/Kconfig @@ -14,10 +14,11 @@ config CIFS select CRYPTO_CCM select CRYPTO_GCM select CRYPTO_ECB select CRYPTO_AES select CRYPTO_LIB_ARC4 + select CRYPTO_LIB_MD5 select CRYPTO_LIB_SHA256 select CRYPTO_LIB_SHA512 select KEYS select DNS_RESOLVER select ASN1 diff --git a/fs/smb/client/link.c b/fs/smb/client/link.c index fe80e711cd756..70f3c0c67eebd 100644 --- a/fs/smb/client/link.c +++ b/fs/smb/client/link.c @@ -3,10 +3,11 @@ * * Copyright (C) International Business Machines Corp., 2002,2008 * Author(s): Steve French (sfrench@us.ibm.com) * */ +#include #include #include #include #include #include "cifsfs.h" @@ -34,27 +35,10 @@ =20 #define CIFS_MF_SYMLINK_LEN_FORMAT "XSym\n%04u\n" #define CIFS_MF_SYMLINK_MD5_FORMAT "%16phN\n" #define CIFS_MF_SYMLINK_MD5_ARGS(md5_hash) md5_hash =20 -static int -symlink_hash(unsigned int link_len, const char *link_str, u8 *md5_hash) -{ - int rc; - struct shash_desc *md5 =3D NULL; - - rc =3D cifs_alloc_hash("md5", &md5); - if (rc) - return rc; - - rc =3D crypto_shash_digest(md5, link_str, link_len, md5_hash); - if (rc) - cifs_dbg(VFS, "%s: Could not generate md5 hash\n", __func__); - cifs_free_hash(&md5); - return rc; -} - static int parse_mf_symlink(const u8 *buf, unsigned int buf_len, unsigned int *_link_= len, char **_link_str) { int rc; @@ -75,15 +59,11 @@ parse_mf_symlink(const u8 *buf, unsigned int buf_len, u= nsigned int *_link_len, return -EINVAL; =20 if (link_len > CIFS_MF_SYMLINK_LINK_MAXLEN) return -EINVAL; =20 - rc =3D symlink_hash(link_len, link_str, md5_hash); - if (rc) { - cifs_dbg(FYI, "%s: MD5 hash failure: %d\n", __func__, rc); - return rc; - } + md5(link_str, link_len, md5_hash); =20 scnprintf(md5_str2, sizeof(md5_str2), CIFS_MF_SYMLINK_MD5_FORMAT, CIFS_MF_SYMLINK_MD5_ARGS(md5_hash)); =20 @@ -101,11 +81,10 @@ parse_mf_symlink(const u8 *buf, unsigned int buf_len, = unsigned int *_link_len, } =20 static int format_mf_symlink(u8 *buf, unsigned int buf_len, const char *link_str) { - int rc; unsigned int link_len; unsigned int ofs; u8 md5_hash[16]; =20 if (buf_len !=3D CIFS_MF_SYMLINK_FILE_SIZE) @@ -114,15 +93,11 @@ format_mf_symlink(u8 *buf, unsigned int buf_len, const= char *link_str) link_len =3D strlen(link_str); =20 if (link_len > CIFS_MF_SYMLINK_LINK_MAXLEN) return -ENAMETOOLONG; =20 - rc =3D symlink_hash(link_len, link_str, md5_hash); - if (rc) { - cifs_dbg(FYI, "%s: MD5 hash failure: %d\n", __func__, rc); - return rc; - } + md5(link_str, link_len, md5_hash); =20 scnprintf(buf, buf_len, CIFS_MF_SYMLINK_LEN_FORMAT CIFS_MF_SYMLINK_MD5_FORMAT, link_len, CIFS_MF_SYMLINK_MD5_ARGS(md5_hash)); --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3D55E1EB9FA; Sun, 12 Oct 2025 01:59:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234387; cv=none; b=KK6+pUVAA2vJq0NXOti55U0TjOqTjFwcfd6e+Om7yL5TkIYD693X60Ky4WwUIDHx0ietWzxqtzZcbW9oQ9V3uOEdTW06nk36cvkyruq75pJDO5uBDTh1+vhNT/kGi6GcwJwEPSpuN9KZwCde2yEWBjHA+XjAZo/HaouvQc/lzSc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234387; c=relaxed/simple; bh=BeoMBztbvcFX7rlY3UlLBL/j/SrAexLozHMH/LcR0Eg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ALhK9kmQe4ljWHsVWS9XcBUHMQBmTPgT22vu1SOfh9vVZQkRWlO4aYvb9g5b8uy/w1IYOVvy0nDz6mplqTXah3xTb8QysPVWd/vNx26XifrjJYwCKE2Hg8Ibl3Jto7FDaIPPEE6+88n/vGiKSUuViKuMmduWVPqESZ8VZP7pgK0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=N/HdaC4u; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="N/HdaC4u" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C09C2C116B1; Sun, 12 Oct 2025 01:59:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234387; bh=BeoMBztbvcFX7rlY3UlLBL/j/SrAexLozHMH/LcR0Eg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=N/HdaC4uMmXHTdT/xwfRNxGkdiy2jHuLg1LULk7maMj+wD1Z5ajherw1whr2B5e18 ZE+xAYUnyUfn6uDMobTxz4MaOzJVUjvq0tm/9nchPlMhCJkRgA6rKXJzEkvoXj6USO A1JBSfHmEK5us02Vzoqn7AThV8pcLrFXFYwruECHyMEvToRMlRpFbG5kqQnVJDMCDm SLYUPP6XBI+1OIfE/n/mSR2B/VruZihrDgH41uxu+YyCgGsizvkI+68CsBbgp2RNaO OCt/W8gd8dL/k0/Ge/a4/r0Yd/wgT/mVUVZGStJPPy9Dxh2fILgyUih69GNaZM2BEm 4nCO/ylPjB6qw== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 5/8] smb: client: Use MD5 library for SMB1 signature calculation Date: Sat, 11 Oct 2025 18:57:35 -0700 Message-ID: <20251012015738.244315-6-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Convert cifs_calc_signature() to use the MD5 library instead of a "md5" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the MD5 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. To preserve the existing behavior of MD5 signature support being disabled when the kernel is booted with "fips=3D1", make cifs_calc_signature() check fips_enabled itself. Previously it relied on the error from cifs_alloc_hash("md5", &server->secmech.md5). Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/cifsencrypt.c | 34 +++++++++++++++++----------------- fs/smb/client/cifsproto.h | 1 + 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/fs/smb/client/cifsencrypt.c b/fs/smb/client/cifsencrypt.c index 9522088a1cfb7..80215ba7a5744 100644 --- a/fs/smb/client/cifsencrypt.c +++ b/fs/smb/client/cifsencrypt.c @@ -22,24 +22,33 @@ #include #include #include #include #include +#include #include =20 static int cifs_sig_update(struct cifs_calc_sig_ctx *ctx, const u8 *data, size_t len) { + if (ctx->md5) { + md5_update(ctx->md5, data, len); + return 0; + } if (ctx->hmac) { hmac_sha256_update(ctx->hmac, data, len); return 0; } return crypto_shash_update(ctx->shash, data, len); } =20 static int cifs_sig_final(struct cifs_calc_sig_ctx *ctx, u8 *out) { + if (ctx->md5) { + md5_final(ctx->md5, out); + return 0; + } if (ctx->hmac) { hmac_sha256_final(ctx->hmac, out); return 0; } return crypto_shash_final(ctx->shash, out); @@ -128,35 +137,26 @@ int __cifs_calc_signature(struct smb_rqst *rqst, stru= ct TCP_Server_Info *server, * should be called with the server->srv_mutex held. */ static int cifs_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, char *signature) { - int rc; + struct md5_ctx ctx; =20 if (!rqst->rq_iov || !signature || !server) return -EINVAL; - - rc =3D cifs_alloc_hash("md5", &server->secmech.md5); - if (rc) - return -1; - - rc =3D crypto_shash_init(server->secmech.md5); - if (rc) { - cifs_dbg(VFS, "%s: Could not init md5\n", __func__); - return rc; + if (fips_enabled) { + cifs_dbg(VFS, + "MD5 signature support is disabled due to FIPS\n"); + return -EOPNOTSUPP; } =20 - rc =3D crypto_shash_update(server->secmech.md5, - server->session_key.response, server->session_key.len); - if (rc) { - cifs_dbg(VFS, "%s: Could not update with response\n", __func__); - return rc; - } + md5_init(&ctx); + md5_update(&ctx, server->session_key.response, server->session_key.len); =20 return __cifs_calc_signature( rqst, server, signature, - &(struct cifs_calc_sig_ctx){ .shash =3D server->secmech.md5 }); + &(struct cifs_calc_sig_ctx){ .md5 =3D &ctx }); } =20 /* must be called with server->srv_mutex held */ int cifs_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server, __u32 *pexpected_response_sequence_number) diff --git a/fs/smb/client/cifsproto.h b/fs/smb/client/cifsproto.h index 3bb74eea0e4ff..4976be2c47c14 100644 --- a/fs/smb/client/cifsproto.h +++ b/fs/smb/client/cifsproto.h @@ -631,10 +631,11 @@ int cifs_query_mf_symlink(unsigned int xid, struct ci= fs_tcon *tcon, int cifs_create_mf_symlink(unsigned int xid, struct cifs_tcon *tcon, struct cifs_sb_info *cifs_sb, const unsigned char *path, char *pbuf, unsigned int *pbytes_written); struct cifs_calc_sig_ctx { + struct md5_ctx *md5; struct hmac_sha256_ctx *hmac; struct shash_desc *shash; }; int __cifs_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *s= erver, char *signature, struct cifs_calc_sig_ctx *ctx); --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1CB4920F08E; Sun, 12 Oct 2025 01:59:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234389; cv=none; b=c/6uqXoYjRSrJG+YfCH65Ca64fUNwuUXFDbuuq8zLamTFjGAmAk1sKkxWxzY4E52hs67nc465umMH7Y9HwPHHc39PowzkWmm57CHVOlT9aisOhG9m3HK2GBsYtiyYrKwDoUZ99KomH6Jp3ZDaWWG1Nr0L8dO8xJEd2nG70y2l5Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234389; c=relaxed/simple; bh=J6mbhHXU0seemf1o87nmEu43wEPi9saI0VMIAbjq9mw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=jUxe/0FGGv+hyrkkIDspnhxHS8g/JijqrP2Rvjm/PPpyZgEG1RX63mNvJemGY1/veJuQJsc/ShwCJHaH3KIadaSOZVx07d3Eta+cy3Lj4yCtP22ARfywiBZnT84OC0GiYl5gqsg+ghRUlkieO1bfhmHgeDUBY7JR+h1k9karD4U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kIImpOmL; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kIImpOmL" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 41E24C4AF09; Sun, 12 Oct 2025 01:59:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234387; bh=J6mbhHXU0seemf1o87nmEu43wEPi9saI0VMIAbjq9mw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kIImpOmLVSuiSsv4S+rFxYlKi8EwLJnegWbA/vPc0+eTLH26dyMnyCiPsMnHya2Py 2+CoT/Dx8oYwvHdtGF04wPpg1xdbAfk4KCXkllb+EBfLjesFlRogsROtHfUXzhgNS+ 2GulfyiVFUTPS8+xlwj0TJLTPhVPTTOHg62r4937ukloDVrWpK6nUuGi1d4WoSofVf P3+4s2TjmSEIPwy2YrMkMOcUgFrMe5YvN9a+QrivOMMgChn+lJB0QRyTpx+fudFd2t f1C3WgDM2jbkWQcIZubIwOJrYbaY2hT/13L+1HlNzizATC+Y5tOhdPb7SeBbkYpoCh cyH4H+e1u9+fA== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 6/8] smb: client: Use HMAC-MD5 library for NTLMv2 Date: Sat, 11 Oct 2025 18:57:36 -0700 Message-ID: <20251012015738.244315-7-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" For the HMAC-MD5 computations in NTLMv2, use the HMAC-MD5 library instead of a "hmac(md5)" crypto_shash. This is simpler and faster. With the library there's no need to allocate memory, no need to handle errors, and the HMAC-MD5 code is accessed directly without inefficient indirect calls and other unnecessary API overhead. To preserve the existing behavior of NTLMv2 support being disabled when the kernel is booted with "fips=3D1", make setup_ntlmv2_rsp() check fips_enabled itself. Previously it relied on the error from cifs_alloc_hash("hmac(md5)", &hmacmd5). Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/cifsencrypt.c | 114 +++++++----------------------------- 1 file changed, 22 insertions(+), 92 deletions(-) diff --git a/fs/smb/client/cifsencrypt.c b/fs/smb/client/cifsencrypt.c index 80215ba7a5744..bbcf3b05c19ab 100644 --- a/fs/smb/client/cifsencrypt.c +++ b/fs/smb/client/cifsencrypt.c @@ -423,33 +423,23 @@ static __le64 find_timestamp(struct cifs_ses *ses) ktime_get_real_ts64(&ts); return cpu_to_le64(cifs_UnixTimeToNT(ts)); } =20 static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash, - const struct nls_table *nls_cp, struct shash_desc *hmacmd5) + const struct nls_table *nls_cp) { - int rc =3D 0; int len; char nt_hash[CIFS_NTHASH_SIZE]; + struct hmac_md5_ctx hmac_ctx; __le16 *user; wchar_t *domain; wchar_t *server; =20 /* calculate md4 hash of password */ E_md4hash(ses->password, nt_hash, nls_cp); =20 - rc =3D crypto_shash_setkey(hmacmd5->tfm, nt_hash, CIFS_NTHASH_SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not set NT hash as a key, rc=3D%d\n", __func__,= rc); - return rc; - } - - rc =3D crypto_shash_init(hmacmd5); - if (rc) { - cifs_dbg(VFS, "%s: Could not init HMAC-MD5, rc=3D%d\n", __func__, rc); - return rc; - } + hmac_md5_init_usingrawkey(&hmac_ctx, nt_hash, CIFS_NTHASH_SIZE); =20 /* convert ses->user_name to unicode */ len =3D ses->user_name ? strlen(ses->user_name) : 0; user =3D kmalloc(2 + (len * 2), GFP_KERNEL); if (user =3D=3D NULL) @@ -460,16 +450,12 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, cha= r *ntlmv2_hash, UniStrupr(user); } else { *(u16 *)user =3D 0; } =20 - rc =3D crypto_shash_update(hmacmd5, (char *)user, 2 * len); + hmac_md5_update(&hmac_ctx, (const u8 *)user, 2 * len); kfree(user); - if (rc) { - cifs_dbg(VFS, "%s: Could not update with user, rc=3D%d\n", __func__, rc); - return rc; - } =20 /* convert ses->domainName to unicode and uppercase */ if (ses->domainName) { len =3D strlen(ses->domainName); =20 @@ -477,81 +463,48 @@ static int calc_ntlmv2_hash(struct cifs_ses *ses, cha= r *ntlmv2_hash, if (domain =3D=3D NULL) return -ENOMEM; =20 len =3D cifs_strtoUTF16((__le16 *)domain, ses->domainName, len, nls_cp); - rc =3D crypto_shash_update(hmacmd5, (char *)domain, 2 * len); + hmac_md5_update(&hmac_ctx, (const u8 *)domain, 2 * len); kfree(domain); - if (rc) { - cifs_dbg(VFS, "%s: Could not update with domain, rc=3D%d\n", __func__, = rc); - return rc; - } } else { /* We use ses->ip_addr if no domain name available */ len =3D strlen(ses->ip_addr); =20 server =3D kmalloc(2 + (len * 2), GFP_KERNEL); if (server =3D=3D NULL) return -ENOMEM; =20 len =3D cifs_strtoUTF16((__le16 *)server, ses->ip_addr, len, nls_cp); - rc =3D crypto_shash_update(hmacmd5, (char *)server, 2 * len); + hmac_md5_update(&hmac_ctx, (const u8 *)server, 2 * len); kfree(server); - if (rc) { - cifs_dbg(VFS, "%s: Could not update with server, rc=3D%d\n", __func__, = rc); - return rc; - } } =20 - rc =3D crypto_shash_final(hmacmd5, ntlmv2_hash); - if (rc) - cifs_dbg(VFS, "%s: Could not generate MD5 hash, rc=3D%d\n", __func__, rc= ); - - return rc; + hmac_md5_final(&hmac_ctx, ntlmv2_hash); + return 0; } =20 -static int -CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_hash, struct = shash_desc *hmacmd5) +static void CalcNTLMv2_response(const struct cifs_ses *ses, char *ntlmv2_h= ash) { - int rc; struct ntlmv2_resp *ntlmv2 =3D (struct ntlmv2_resp *) (ses->auth_key.response + CIFS_SESS_KEY_SIZE); unsigned int hash_len; =20 /* The MD5 hash starts at challenge_key.key */ hash_len =3D ses->auth_key.len - (CIFS_SESS_KEY_SIZE + offsetof(struct ntlmv2_resp, challenge.key[0])); =20 - rc =3D crypto_shash_setkey(hmacmd5->tfm, ntlmv2_hash, CIFS_HMAC_MD5_HASH_= SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not set NTLMv2 hash as a key, rc=3D%d\n", __fun= c__, rc); - return rc; - } - - rc =3D crypto_shash_init(hmacmd5); - if (rc) { - cifs_dbg(VFS, "%s: Could not init HMAC-MD5, rc=3D%d\n", __func__, rc); - return rc; - } - if (ses->server->negflavor =3D=3D CIFS_NEGFLAVOR_EXTENDED) memcpy(ntlmv2->challenge.key, ses->ntlmssp->cryptkey, CIFS_SERVER_CHALLE= NGE_SIZE); else memcpy(ntlmv2->challenge.key, ses->server->cryptkey, CIFS_SERVER_CHALLEN= GE_SIZE); =20 - rc =3D crypto_shash_update(hmacmd5, ntlmv2->challenge.key, hash_len); - if (rc) { - cifs_dbg(VFS, "%s: Could not update with response, rc=3D%d\n", __func__,= rc); - return rc; - } - - /* Note that the MD5 digest over writes anon.challenge_key.key */ - rc =3D crypto_shash_final(hmacmd5, ntlmv2->ntlmv2_hash); - if (rc) - cifs_dbg(VFS, "%s: Could not generate MD5 hash, rc=3D%d\n", __func__, rc= ); - - return rc; + /* Note that the HMAC-MD5 value overwrites ntlmv2->challenge.key */ + hmac_md5_usingrawkey(ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE, + ntlmv2->challenge.key, hash_len, + ntlmv2->ntlmv2_hash); } =20 /* * Set up NTLMv2 response blob with SPN (cifs/) appended to the * existing list of AV pairs. @@ -604,11 +557,10 @@ static int set_auth_key_response(struct cifs_ses *ses) } =20 int setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) { - struct shash_desc *hmacmd5 =3D NULL; unsigned char *tiblob =3D NULL; /* target info blob */ struct ntlmv2_resp *ntlmv2; char ntlmv2_hash[16]; __le64 rsp_timestamp; __u64 cc; @@ -675,55 +627,33 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct n= ls_table *nls_cp) ntlmv2->reserved =3D 0; ntlmv2->time =3D rsp_timestamp; ntlmv2->client_chal =3D cc; ntlmv2->reserved2 =3D 0; =20 - rc =3D cifs_alloc_hash("hmac(md5)", &hmacmd5); - if (rc) { - cifs_dbg(VFS, "Could not allocate HMAC-MD5, rc=3D%d\n", rc); + if (fips_enabled) { + cifs_dbg(VFS, "NTLMv2 support is disabled due to FIPS\n"); + rc =3D -EOPNOTSUPP; goto unlock; } =20 /* calculate ntlmv2_hash */ - rc =3D calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp, hmacmd5); + rc =3D calc_ntlmv2_hash(ses, ntlmv2_hash, nls_cp); if (rc) { cifs_dbg(VFS, "Could not get NTLMv2 hash, rc=3D%d\n", rc); goto unlock; } =20 /* calculate first part of the client response (CR1) */ - rc =3D CalcNTLMv2_response(ses, ntlmv2_hash, hmacmd5); - if (rc) { - cifs_dbg(VFS, "Could not calculate CR1, rc=3D%d\n", rc); - goto unlock; - } + CalcNTLMv2_response(ses, ntlmv2_hash); =20 /* now calculate the session key for NTLMv2 */ - rc =3D crypto_shash_setkey(hmacmd5->tfm, ntlmv2_hash, CIFS_HMAC_MD5_HASH_= SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not set NTLMv2 hash as a key, rc=3D%d\n", __fun= c__, rc); - goto unlock; - } - - rc =3D crypto_shash_init(hmacmd5); - if (rc) { - cifs_dbg(VFS, "%s: Could not init HMAC-MD5, rc=3D%d\n", __func__, rc); - goto unlock; - } - - rc =3D crypto_shash_update(hmacmd5, ntlmv2->ntlmv2_hash, CIFS_HMAC_MD5_HA= SH_SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not update with response, rc=3D%d\n", __func__,= rc); - goto unlock; - } - - rc =3D crypto_shash_final(hmacmd5, ses->auth_key.response); - if (rc) - cifs_dbg(VFS, "%s: Could not generate MD5 hash, rc=3D%d\n", __func__, rc= ); + hmac_md5_usingrawkey(ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE, + ntlmv2->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE, + ses->auth_key.response); + rc =3D 0; unlock: cifs_server_unlock(ses->server); - cifs_free_hash(&hmacmd5); setup_ntlmv2_rsp_ret: kfree_sensitive(tiblob); =20 return rc; } --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7BF0E2153D2; Sun, 12 Oct 2025 01:59:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234389; cv=none; b=deETar3eQD5kzUN6zrWKJ8S42uj79BJpAbcYFeh/H+blQoaYmNHYp+b4Fa+BQTmv+NZqHkxxXyUSG109P6aJc/edJiKc7lK0SfJvd5fE5Bsmx4QQzWPb6HAARq2Jk8eRTlveXR2EUBrRpmQaIjYknjXyE7LnsnI/Mkuuzc3E4yM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234389; c=relaxed/simple; bh=HHm6pOVf3sXBU3OQBSM5qr/7AHVRHIgZ/gieJ/a5ZQ4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=W8HaENpLJevaonIFa01OMYCABY44TE9mCri0daA+sFCdlm+WBkXM93yvKL3gk0YViTw7bRvopyTBRfwIUYHePHsHfyS9c0nIdNaXfvlITi4/XcHpvsTUAQSLrOdUL/px0MyW2r0zEXQ5hoIcgu+h4uSJOd4KSaMxH7/V+XrGOuI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=aqhjxUsc; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="aqhjxUsc" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B89E8C4AF0B; Sun, 12 Oct 2025 01:59:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234388; bh=HHm6pOVf3sXBU3OQBSM5qr/7AHVRHIgZ/gieJ/a5ZQ4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=aqhjxUsc4ywtaQlokdKDqKbCRA5CyYQm1lk/0pTxq/nIpBi+mwzgy3Y6jNeXHi+3y R05NLQYxEcZL34GbgR9WR4jmvXWDuCn1TCmsovkVweYiSfchAVj2eJN6ZeyTHJ6+xr Nixkr9LHao9w/RLuZjErdz3jExn6wTh0LeusFucQezfCgk5Z5L+QVmzuOzx/dYjuT+ +jVCW3bqMSy2WgTIFG5T9CEfp/lnihyjgsrw9xW1E9QQ4rIwfgdQjjhzUQ5Fq8dM2S Xbh843sXNlUHPkVrxOUWFAHJdWlD1E72vRvRTKIUFvYhCaP018ICZUtayILJy+W/52 8MA9HG46EHj6w== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 7/8] smb: client: Remove obsolete crypto_shash allocations Date: Sat, 11 Oct 2025 18:57:37 -0700 Message-ID: <20251012015738.244315-8-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that the SMB client accesses MD5, HMAC-MD5, HMAC-SHA256, and SHA-512 only via the library API and not via crypto_shash, allocating crypto_shash objects for these algorithms is no longer necessary. Remove all these allocations, their corresponding kconfig selections, and their corresponding module soft dependencies. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/Kconfig | 4 ---- fs/smb/client/cifsencrypt.c | 3 --- fs/smb/client/cifsfs.c | 4 ---- fs/smb/client/cifsglob.h | 3 --- fs/smb/client/smb2transport.c | 35 ++--------------------------------- 5 files changed, 2 insertions(+), 47 deletions(-) diff --git a/fs/smb/client/Kconfig b/fs/smb/client/Kconfig index f5a980bdfc939..17bd368574e94 100644 --- a/fs/smb/client/Kconfig +++ b/fs/smb/client/Kconfig @@ -3,15 +3,11 @@ config CIFS tristate "SMB3 and CIFS support (advanced network filesystem)" depends on INET select NLS select NLS_UCS2_UTILS select CRYPTO - select CRYPTO_MD5 - select CRYPTO_SHA256 - select CRYPTO_SHA512 select CRYPTO_CMAC - select CRYPTO_HMAC select CRYPTO_AEAD2 select CRYPTO_CCM select CRYPTO_GCM select CRYPTO_ECB select CRYPTO_AES diff --git a/fs/smb/client/cifsencrypt.c b/fs/smb/client/cifsencrypt.c index bbcf3b05c19ab..801824825ecf2 100644 --- a/fs/smb/client/cifsencrypt.c +++ b/fs/smb/client/cifsencrypt.c @@ -691,13 +691,10 @@ calc_seckey(struct cifs_ses *ses) =20 void cifs_crypto_secmech_release(struct TCP_Server_Info *server) { cifs_free_hash(&server->secmech.aes_cmac); - cifs_free_hash(&server->secmech.hmacsha256); - cifs_free_hash(&server->secmech.md5); - cifs_free_hash(&server->secmech.sha512); =20 if (server->secmech.enc) { crypto_free_aead(server->secmech.enc); server->secmech.enc =3D NULL; } diff --git a/fs/smb/client/cifsfs.c b/fs/smb/client/cifsfs.c index 05b1fa76e8ccf..4f959f1e08d23 100644 --- a/fs/smb/client/cifsfs.c +++ b/fs/smb/client/cifsfs.c @@ -2137,17 +2137,13 @@ MODULE_LICENSE("GPL"); /* combination of LGPL + GPL= source behaves as GPL */ MODULE_DESCRIPTION ("VFS to access SMB3 servers e.g. Samba, Macs, Azure and Windows (and " "also older servers complying with the SNIA CIFS Specification)"); MODULE_VERSION(CIFS_VERSION); MODULE_SOFTDEP("ecb"); -MODULE_SOFTDEP("hmac"); -MODULE_SOFTDEP("md5"); MODULE_SOFTDEP("nls"); MODULE_SOFTDEP("aes"); MODULE_SOFTDEP("cmac"); -MODULE_SOFTDEP("sha256"); -MODULE_SOFTDEP("sha512"); MODULE_SOFTDEP("aead2"); MODULE_SOFTDEP("ccm"); MODULE_SOFTDEP("gcm"); module_init(init_cifs) module_exit(exit_cifs) diff --git a/fs/smb/client/cifsglob.h b/fs/smb/client/cifsglob.h index 8f6f567d7474f..8932aa612db4a 100644 --- a/fs/smb/client/cifsglob.h +++ b/fs/smb/client/cifsglob.h @@ -219,13 +219,10 @@ struct session_key { char *response; }; =20 /* crypto hashing related structure/fields, not specific to a sec mech */ struct cifs_secmech { - struct shash_desc *md5; /* md5 hash function, for CIFS/SMB1 signatures */ - struct shash_desc *hmacsha256; /* hmac-sha256 hash function, for SMB2 sig= natures */ - struct shash_desc *sha512; /* sha512 hash function, for SMB3.1.1 preauth = hash */ struct shash_desc *aes_cmac; /* block-cipher based MAC function, for SMB3= signatures */ =20 struct crypto_aead *enc; /* smb3 encryption AEAD TFM (AES-CCM and AES-GCM= ) */ struct crypto_aead *dec; /* smb3 decryption AEAD TFM (AES-CCM and AES-GCM= ) */ }; diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c index 89258accc2203..cd689bc27bfdc 100644 --- a/fs/smb/client/smb2transport.c +++ b/fs/smb/client/smb2transport.c @@ -29,53 +29,22 @@ =20 static int smb3_crypto_shash_allocate(struct TCP_Server_Info *server) { struct cifs_secmech *p =3D &server->secmech; - int rc; - - rc =3D cifs_alloc_hash("hmac(sha256)", &p->hmacsha256); - if (rc) - goto err; - - rc =3D cifs_alloc_hash("cmac(aes)", &p->aes_cmac); - if (rc) - goto err; =20 - return 0; -err: - cifs_free_hash(&p->hmacsha256); - return rc; + return cifs_alloc_hash("cmac(aes)", &p->aes_cmac); } =20 int smb311_crypto_shash_allocate(struct TCP_Server_Info *server) { struct cifs_secmech *p =3D &server->secmech; - int rc =3D 0; =20 - rc =3D cifs_alloc_hash("hmac(sha256)", &p->hmacsha256); - if (rc) - return rc; - - rc =3D cifs_alloc_hash("cmac(aes)", &p->aes_cmac); - if (rc) - goto err; - - rc =3D cifs_alloc_hash("sha512", &p->sha512); - if (rc) - goto err; - - return 0; - -err: - cifs_free_hash(&p->aes_cmac); - cifs_free_hash(&p->hmacsha256); - return rc; + return cifs_alloc_hash("cmac(aes)", &p->aes_cmac); } =20 - static int smb3_get_sign_key(__u64 ses_id, struct TCP_Server_Info *server, u8 *ke= y) { struct cifs_chan *chan; struct TCP_Server_Info *pserver; --=20 2.51.0 From nobody Sun Feb 8 05:07:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ABEC320126A; Sun, 12 Oct 2025 01:59:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234388; cv=none; b=YdH283ce9059970rJ+vu3n7/ZoWneLZSbztYyrPbbxOAM+5ooW8Llsrn3l3v9K8eQSUTXn0diPAyVTHR4GMezdKf2tWDePJJVciB5fkE7kOo476sdzkbWQ0KV08BgjGRBiS9tlWRBCL3LUnHRfQBP14XhchuE8Rlj6157ul9VmM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1760234388; c=relaxed/simple; bh=68uQaOv1+uvhvQouwuek8F2wnHh0nnIbcccW1KgVb2g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=A7fjjZQGLXVMgjMTgqV4p3dG4fvr00020CYAkQy7VFudzRN/+AShVo/TW5qIIPCYR8/lYuNSEZ+Eu377VZtWwCgQijTzUG7GSG1fKegKusVDNTHM4WL/ot4tHmZEI2fB/8gkhUdGV0wmjVQflhpRjQE9cNDOR5vr1jrVzsgaJag= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=FbM0R5dj; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="FbM0R5dj" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3A54DC116C6; Sun, 12 Oct 2025 01:59:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1760234388; bh=68uQaOv1+uvhvQouwuek8F2wnHh0nnIbcccW1KgVb2g=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FbM0R5djZTm0S99UUljKvf6qqa7s0wQ5i/slLm0bWAmG0y3kNMwAcz73FapbTXCl2 B7YixY/GU6hExfPP5ZSRcPhzyQBhpDFKjL+Bh2xh1KjPM0rXXpQpgVO9+T76lo2CiL P6wVjwB5DQTyIY9octvl/B7bcuMsw51YhvE/EbiO5zSB4V2TGZe+pI28TkDHLjeEVw S+Yzja43QlhGQaLudM8BupaX1fQV7cMF1Q1a3vAzVNCwONO0LubdRGf4A/yRfjWLKE GjjRzqlokfgS+4nZ9P9pc6RShNo4L6IoXDvjhYr1P0QOB/dVHqGssFaDqYMGrS/IbA SiodS1DlZ084Q== From: Eric Biggers To: linux-cifs@vger.kernel.org, Steve French Cc: samba-technical@lists.samba.org, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, Paulo Alcantara , Ronnie Sahlberg , Shyam Prasad N , Tom Talpey , Bharath SM , Eric Biggers Subject: [PATCH 8/8] smb: client: Consolidate cmac(aes) shash allocation Date: Sat, 11 Oct 2025 18:57:38 -0700 Message-ID: <20251012015738.244315-9-ebiggers@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251012015738.244315-1-ebiggers@kernel.org> References: <20251012015738.244315-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that smb3_crypto_shash_allocate() and smb311_crypto_shash_allocate() are identical and only allocate "cmac(aes)", delete the latter and replace the call to it with the former. Signed-off-by: Eric Biggers Acked-by: Ard Biesheuvel --- fs/smb/client/sess.c | 2 +- fs/smb/client/smb2proto.h | 2 +- fs/smb/client/smb2transport.c | 10 +--------- 3 files changed, 3 insertions(+), 11 deletions(-) diff --git a/fs/smb/client/sess.c b/fs/smb/client/sess.c index 0a8c2fcc9dedf..ef3b498b0a02a 100644 --- a/fs/smb/client/sess.c +++ b/fs/smb/client/sess.c @@ -582,11 +582,11 @@ cifs_ses_add_channel(struct cifs_ses *ses, /* * We need to allocate the server crypto now as we will need * to sign packets before we generate the channel signing key * (we sign with the session key) */ - rc =3D smb311_crypto_shash_allocate(chan->server); + rc =3D smb3_crypto_shash_allocate(chan->server); if (rc) { cifs_dbg(VFS, "%s: crypto alloc failed\n", __func__); mutex_unlock(&ses->session_mutex); goto out; } diff --git a/fs/smb/client/smb2proto.h b/fs/smb/client/smb2proto.h index e7cda885c39f0..6eb86d134abcc 100644 --- a/fs/smb/client/smb2proto.h +++ b/fs/smb/client/smb2proto.h @@ -293,11 +293,11 @@ extern int smb2_validate_and_copy_iov(unsigned int of= fset, struct kvec *iov, unsigned int minbufsize, char *data); extern void smb2_copy_fs_info_to_kstatfs( struct smb2_fs_full_size_info *pfs_inf, struct kstatfs *kst); -extern int smb311_crypto_shash_allocate(struct TCP_Server_Info *server); +extern int smb3_crypto_shash_allocate(struct TCP_Server_Info *server); extern void smb311_update_preauth_hash(struct cifs_ses *ses, struct TCP_Server_Info *server, struct kvec *iov, int nvec); extern int smb2_query_info_compound(const unsigned int xid, struct cifs_tcon *tcon, diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c index cd689bc27bfdc..ad6068e17a2a9 100644 --- a/fs/smb/client/smb2transport.c +++ b/fs/smb/client/smb2transport.c @@ -25,20 +25,12 @@ #include "smb2proto.h" #include "cifs_debug.h" #include "../common/smb2status.h" #include "smb2glob.h" =20 -static int -smb3_crypto_shash_allocate(struct TCP_Server_Info *server) -{ - struct cifs_secmech *p =3D &server->secmech; - - return cifs_alloc_hash("cmac(aes)", &p->aes_cmac); -} - int -smb311_crypto_shash_allocate(struct TCP_Server_Info *server) +smb3_crypto_shash_allocate(struct TCP_Server_Info *server) { struct cifs_secmech *p =3D &server->secmech; =20 return cifs_alloc_hash("cmac(aes)", &p->aes_cmac); } --=20 2.51.0