Re: Limiting allocation of smb2 crypto structs to smb2 mounts

Steve French <smfrench@xxxxxxxxx> · Sun, 30 Jun 2013 22:58:17 -0500



On Sun, Jun 30, 2013 at 10:55 PM, Shirish Pargaonkar
<shirishpargaonkar@xxxxxxxxx> wrote:
> On Sun, Jun 30, 2013 at 2:10 PM, Steve French <smfrench@xxxxxxxxx> wrote:
>> Updated patch to try to prevent allocation of smb2 or smb3 crypto
>> secmech structures unless needed.  There is probably more updates that
>> could be done to cleanup cifs - but the more important part is to get
>> the smb2/smb3 part cleaned up.
>>
<snip>>
>>  int
>>  smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
>>  {
>> @@ -52,6 +111,9 @@ smb2_calc_signature(struct smb_rqst *rqst, struct
>> TCP_Server_Info *server)
>>         memset(smb2_signature, 0x0, SMB2_HMACSHA256_SIZE);
>>         memset(smb2_pdu->Signature, 0x0, SMB2_SIGNATURE_SIZE);
>>
>> +       if (server->secmech.hmacsha256 == NULL)
>> +               smb2_crypto_shash_allocate(server);
>> +
>
> I think we should check for error here
>
>>         rc = crypto_shash_setkey(server->secmech.hmacsha256,
>>                 server->session_key.response, SMB2_NTLMV2_SESSKEY_SIZE);
>>         if (rc) {
>> @@ -129,6 +191,10 @@ generate_smb3signingkey(struct TCP_Server_Info *server)
>>         memset(prfhash, 0x0, SMB2_HMACSHA256_SIZE);
>>         memset(server->smb3signingkey, 0x0, SMB3_SIGNKEY_SIZE);
>>
>> +       /* SMB3 essentially requires signing so no harm allocating it early */
>> +       if (server->secmech.hmacsha256 == NULL)
>> +               smb3_crypto_shash_allocate(server);
>> +
>
> This should be smb2_crypto_shash_allocate(sever), with error checked.
>
>>         rc = crypto_shash_setkey(server->secmech.hmacsha256,
>>                 server->session_key.response, SMB2_NTLMV2_SESSKEY_SIZE);
>>         if (rc) {
>> @@ -210,6 +276,9 @@ smb3_calc_signature(struct smb_rqst *rqst, struct
>> TCP_Server_Info *server)
>>                 return rc;
>>         }
>>
>> +       /* we already allocate sdesccmacaes when we init smb3 signing key,
>> +          so unlike smb2 we do not have to check here if secmech
>> +          are initialized */
>
> I do not see code to allocate cmac-aes.  I think we should do it in
> function smb3_calc_signature.  cmac-aes is not needed to generate the
> smb3 signing key.
> So there should be this call with error checked.
>
>           if (server->secmech.cmacaes == NULL)
>              smb3_crypto_shash_allocate(server);
>

Yes


-- 
Thanks,

Steve
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html