This is a note to let you know that I've just added the patch titled ksmbd: fix wrong signingkey creation when encryption is AES256 to the 6.2-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: ksmbd-fix-wrong-signingkey-creation-when-encryption-is-aes256.patch and it can be found in the queue-6.2 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 7a891d4b62d62566323676cb0e922ded4f37afe1 Mon Sep 17 00:00:00 2001 From: Namjae Jeon <linkinjeon@xxxxxxxxxx> Date: Wed, 1 Mar 2023 00:01:21 +0900 Subject: ksmbd: fix wrong signingkey creation when encryption is AES256 From: Namjae Jeon <linkinjeon@xxxxxxxxxx> commit 7a891d4b62d62566323676cb0e922ded4f37afe1 upstream. MacOS and Win11 support AES256 encrytion and it is included in the cipher array of encryption context. Especially on macOS, The most preferred cipher is AES256. Connecting to ksmbd fails on newer MacOS clients that support AES256 encryption. MacOS send disconnect request after receiving final session setup response from ksmbd. Because final session setup is signed with signing key was generated incorrectly. For signging key, 'L' value should be initialized to 128 if key size is 16bytes. Cc: stable@xxxxxxxxxxxxxxx Reported-by: Miao Lihua <441884205@xxxxxx> Tested-by: Miao Lihua <441884205@xxxxxx> Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx> Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/ksmbd/auth.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/fs/ksmbd/auth.c +++ b/fs/ksmbd/auth.c @@ -727,8 +727,9 @@ static int generate_key(struct ksmbd_con goto smb3signkey_ret; } - if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM || - conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) + if (key_size == SMB3_ENC_DEC_KEY_SIZE && + (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM || + conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L256, 4); else rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L128, 4); Patches currently in stable-queue which might be from linkinjeon@xxxxxxxxxx are queue-6.2/ksmbd-fix-wrong-signingkey-creation-when-encryption-is-aes256.patch queue-6.2/ksmbd-set-file_named_streams-attribute-in-fs_attribute_information.patch queue-6.2/ksmbd-add-low-bound-validation-to-fsctl_query_alloca.patch queue-6.2/ksmbd-fix-possible-refcount-leak-in-smb2_open.patch queue-6.2/ksmbd-return-status_not_supported-on-unsupported-smb2.0-dialect.patch queue-6.2/ksmbd-don-t-terminate-inactive-sessions-after-a-few-seconds.patch queue-6.2/ksmbd-return-unsupported-error-on-smb1-mount.patch queue-6.2/ksmbd-add-low-bound-validation-to-fsctl_set_zero_dat.patch