On Mon, 2025-02-03 at 02:07 +0000, linux@xxxxxxxxxxx wrote:
> From: "Dr. David Alan Gilbert" <linux@xxxxxxxxxxx>
>
> Commit ec596aaf9b48 ("SUNRPC: Remove code behind
> CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED") was the last user of the
> make_checksum() function.
>
> Remove it.
>
> Signed-off-by: Dr. David Alan Gilbert <linux@xxxxxxxxxxx>
> ---
> net/sunrpc/auth_gss/gss_krb5_crypto.c | 90 -------------------------
> net/sunrpc/auth_gss/gss_krb5_internal.h | 4 --
> 2 files changed, 94 deletions(-)
>
> diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
> index 7e09b15c5538..8f2d65c1e831 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
> @@ -148,96 +148,6 @@ checksummer(struct scatterlist *sg, void *data)
> return crypto_ahash_update(req);
> }
>
> -/*
> - * checksum the plaintext data and hdrlen bytes of the token header
> - * The checksum is performed over the first 8 bytes of the
> - * gss token header and then over the data body
> - */
> -u32
> -make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen,
> - struct xdr_buf *body, int body_offset, u8 *cksumkey,
> - unsigned int usage, struct xdr_netobj *cksumout)
> -{
> - struct crypto_ahash *tfm;
> - struct ahash_request *req;
> - struct scatterlist sg[1];
> - int err = -1;
> - u8 *checksumdata;
> - unsigned int checksumlen;
> -
> - if (cksumout->len < kctx->gk5e->cksumlength) {
> - dprintk("%s: checksum buffer length, %u, too small for %s\n",
> - __func__, cksumout->len, kctx->gk5e->name);
> - return GSS_S_FAILURE;
> - }
> -
> - checksumdata = kmalloc(GSS_KRB5_MAX_CKSUM_LEN, GFP_KERNEL);
> - if (checksumdata == NULL)
> - return GSS_S_FAILURE;
> -
> - tfm = crypto_alloc_ahash(kctx->gk5e->cksum_name, 0, CRYPTO_ALG_ASYNC);
> - if (IS_ERR(tfm))
> - goto out_free_cksum;
> -
> - req = ahash_request_alloc(tfm, GFP_KERNEL);
> - if (!req)
> - goto out_free_ahash;
> -
> - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
> -
> - checksumlen = crypto_ahash_digestsize(tfm);
> -
> - if (cksumkey != NULL) {
> - err = crypto_ahash_setkey(tfm, cksumkey,
> - kctx->gk5e->keylength);
> - if (err)
> - goto out;
> - }
> -
> - err = crypto_ahash_init(req);
> - if (err)
> - goto out;
> - sg_init_one(sg, header, hdrlen);
> - ahash_request_set_crypt(req, sg, NULL, hdrlen);
> - err = crypto_ahash_update(req);
> - if (err)
> - goto out;
> - err = xdr_process_buf(body, body_offset, body->len - body_offset,
> - checksummer, req);
> - if (err)
> - goto out;
> - ahash_request_set_crypt(req, NULL, checksumdata, 0);
> - err = crypto_ahash_final(req);
> - if (err)
> - goto out;
> -
> - switch (kctx->gk5e->ctype) {
> - case CKSUMTYPE_RSA_MD5:
> - err = krb5_encrypt(kctx->seq, NULL, checksumdata,
> - checksumdata, checksumlen);
> - if (err)
> - goto out;
> - memcpy(cksumout->data,
> - checksumdata + checksumlen - kctx->gk5e->cksumlength,
> - kctx->gk5e->cksumlength);
> - break;
> - case CKSUMTYPE_HMAC_SHA1_DES3:
> - memcpy(cksumout->data, checksumdata, kctx->gk5e->cksumlength);
> - break;
> - default:
> - BUG();
> - break;
> - }
> - cksumout->len = kctx->gk5e->cksumlength;
> -out:
> - ahash_request_free(req);
> -out_free_ahash:
> - crypto_free_ahash(tfm);
> -out_free_cksum:
> - kfree(checksumdata);
> - return err ? GSS_S_FAILURE : 0;
> -}
> -
> /**
> * gss_krb5_checksum - Compute the MAC for a GSS Wrap or MIC token
> * @tfm: an initialized hash transform
> diff --git a/net/sunrpc/auth_gss/gss_krb5_internal.h b/net/sunrpc/auth_gss/gss_krb5_internal.h
> index 0bda0078d7d8..8769e9e705bf 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_internal.h
> +++ b/net/sunrpc/auth_gss/gss_krb5_internal.h
> @@ -155,10 +155,6 @@ static inline int krb5_derive_key(struct krb5_ctx *kctx,
>
> void krb5_make_confounder(u8 *p, int conflen);
>
> -u32 make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen,
> - struct xdr_buf *body, int body_offset, u8 *cksumkey,
> - unsigned int usage, struct xdr_netobj *cksumout);
> -
> u32 gss_krb5_checksum(struct crypto_ahash *tfm, char *header, int hdrlen,
> const struct xdr_buf *body, int body_offset,
> struct xdr_netobj *cksumout);
> --
> 2.48.1
>
Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>
