rpms / kernel

Clone
Source Code
GIT

Blame sunrpc-remove-incorrect-HMAC-request-initialization.patch

26 Label_NFS f10 f11 f12 f12-user-myoung-xendom0 f13 f13-2.6.33-master f13-user-steved-pnfs-13 f14 f14-user-kyle-bz664206 f14-user-kyle-f14-2.6.37 f14-user-lkundrak-vaio-brightness-645937 f14-user-steved-pnfs-f14 f15 f15-2.6.39 f15-30-going-on-40 f15-user-steved-pnfs-f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f25-pf f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main oneoffs private-jcm-arm-nosmp-kallsyms private-jcm-arm-nosmp-kallsyms-f17 private-nhorman-sgx-v15 rawhide rhbz_1205083 stabilization talos user/steved/f19-lnfs-v3.8 user/steved/f19-lnfs-v3.8-rc7
  1.   748ac1b79ca18f919e961d1c3fac21ed069cbe55
  2.   sunrpc-remove-incorrect-HMAC-request-initialization.patch
Blob History Raw
e8e939e 
From 5cdbcf4aa78b57c4f10892f20725174829cca191 Mon Sep 17 00:00:00 2001
e8e939e 
From: Eric Biggers <ebiggers@google.com>
e8e939e 
Date: Wed, 28 Mar 2018 10:57:22 -0700
e8e939e 
Subject: [PATCH] sunrpc: remove incorrect HMAC request initialization
e8e939e
e8e939e 
make_checksum_hmac_md5() is allocating an HMAC transform and doing
e8e939e 
crypto API calls in the following order:
e8e939e
e8e939e 
    crypto_ahash_init()
e8e939e 
    crypto_ahash_setkey()
e8e939e 
    crypto_ahash_digest()
e8e939e
e8e939e 
This is wrong because it makes no sense to init() the request before a
e8e939e 
key has been set, given that the initial state depends on the key.  And
e8e939e 
digest() is short for init() + update() + final(), so in this case
e8e939e 
there's no need to explicitly call init() at all.
e8e939e
e8e939e 
Before commit 9fa68f620041 ("crypto: hash - prevent using keyed hashes
e8e939e 
without setting key") the extra init() had no real effect, at least for
e8e939e 
the software HMAC implementation.  (There are also hardware drivers that
e8e939e 
implement HMAC-MD5, and it's not immediately obvious how gracefully they
e8e939e 
handle init() before setkey().)  But now the crypto API detects this
e8e939e 
incorrect initialization and returns -ENOKEY.  This is breaking NFS
e8e939e 
mounts in some cases.
e8e939e
e8e939e 
Fix it by removing the incorrect call to crypto_ahash_init().
e8e939e
e8e939e 
Reported-by: Michael Young <m.a.young@durham.ac.uk>
e8e939e 
Fixes: 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key")
e8e939e 
Fixes: fffdaef2eb4a ("gss_krb5: Add support for rc4-hmac encryption")
e8e939e 
Cc: stable@vger.kernel.org
e8e939e 
Signed-off-by: Eric Biggers <ebiggers@google.com>
e8e939e 
Signed-off-by: Jeremy Cline <jeremy@jcline.org>
e8e939e 
---
e8e939e 
 net/sunrpc/auth_gss/gss_krb5_crypto.c | 3 ---
e8e939e 
 1 file changed, 3 deletions(-)
e8e939e
e8e939e 
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
e8e939e 
index 12649c9fedab..8654494b4d0a 100644
e8e939e 
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
e8e939e 
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
e8e939e 
@@ -237,9 +237,6 @@ make_checksum_hmac_md5(struct krb5_ctx *kctx, char *header, int hdrlen,
e8e939e
e8e939e 
 	ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
e8e939e
e8e939e 
-	err = crypto_ahash_init(req);
e8e939e 
-	if (err)
e8e939e 
-		goto out;
e8e939e 
 	err = crypto_ahash_setkey(hmac_md5, cksumkey, kctx->gk5e->keylength);
e8e939e 
 	if (err)
e8e939e 
 		goto out;
e8e939e 
--
e8e939e 
2.16.2
e8e939e
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.