This is a note to let you know that I've just added the patch titled cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: cifs-fix-smbencrypt-to-stop-pointing-a-scatterlist-at-the-stack.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 06deeec77a5a689cc94b21a8a91a76e42176685d Mon Sep 17 00:00:00 2001 From: Andy Lutomirski <luto@xxxxxxxxxx> Date: Mon, 12 Dec 2016 12:54:37 -0800 Subject: cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack From: Andy Lutomirski <luto@xxxxxxxxxx> commit 06deeec77a5a689cc94b21a8a91a76e42176685d upstream. smbencrypt() points a scatterlist to the stack, which is breaks if CONFIG_VMAP_STACK=y. Fix it by switching to crypto_cipher_encrypt_one(). The new code should be considerably faster as an added benefit. This code is nearly identical to some code that Eric Biggers suggested. Reported-by: Eric Biggers <ebiggers3@xxxxxxxxx> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx> Acked-by: Jeff Layton <jlayton@xxxxxxxxxx> Signed-off-by: Steve French <smfrench@xxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/cifs/smbencrypt.c | 40 ++++++++-------------------------------- 1 file changed, 8 insertions(+), 32 deletions(-) --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -23,7 +23,7 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include <crypto/skcipher.h> +#include <linux/crypto.h> #include <linux/module.h> #include <linux/slab.h> #include <linux/fs.h> @@ -69,46 +69,22 @@ str_to_key(unsigned char *str, unsigned static int smbhash(unsigned char *out, const unsigned char *in, unsigned char *key) { - int rc; unsigned char key2[8]; - struct crypto_skcipher *tfm_des; - struct scatterlist sgin, sgout; - struct skcipher_request *req; + struct crypto_cipher *tfm_des; str_to_key(key, key2); - tfm_des = crypto_alloc_skcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC); + tfm_des = crypto_alloc_cipher("des", 0, 0); if (IS_ERR(tfm_des)) { - rc = PTR_ERR(tfm_des); cifs_dbg(VFS, "could not allocate des crypto API\n"); - goto smbhash_err; + return PTR_ERR(tfm_des); } - req = skcipher_request_alloc(tfm_des, GFP_KERNEL); - if (!req) { - rc = -ENOMEM; - cifs_dbg(VFS, "could not allocate des crypto API\n"); - goto smbhash_free_skcipher; - } - - crypto_skcipher_setkey(tfm_des, key2, 8); - - sg_init_one(&sgin, in, 8); - sg_init_one(&sgout, out, 8); - - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, &sgin, &sgout, 8, NULL); - - rc = crypto_skcipher_encrypt(req); - if (rc) - cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc); - - skcipher_request_free(req); + crypto_cipher_setkey(tfm_des, key2, 8); + crypto_cipher_encrypt_one(tfm_des, out, in); + crypto_free_cipher(tfm_des); -smbhash_free_skcipher: - crypto_free_skcipher(tfm_des); -smbhash_err: - return rc; + return 0; } static int Patches currently in stable-queue which might be from luto@xxxxxxxxxx are queue-4.9/cifs-fix-smbencrypt-to-stop-pointing-a-scatterlist-at-the-stack.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html