Re: [PATCH] cifs: Fix smbencrypt() to stop pointing a scatterlist at the stack

Tue, 13 Dec 2016 05:08:22 -0800 

On Mon, 2016-12-12 at 12:54 -0800, Andy Lutomirski wrote:
> smbencrypt() points a scatterlist to the stack, which is breaks if
> CONFIG_VMAP_STACK=y.
> 
> Fix it by switching to crypto_cipher_encrypt_one().  The new code
> should be considerably faster as an added benefit.
> 
> This code is nearly identical to some code that Eric Biggers
> suggested.
> 
> Cc: sta...@vger.kernel.org # 4.9 only
> Reported-by: Eric Biggers <ebigge...@gmail.com>
> Signed-off-by: Andy Lutomirski <l...@kernel.org>
> ---
> 
> Compile-tested only.
> 
> fs/cifs/smbencrypt.c | 40 ++++++++--------------------------------
>  1 file changed, 8 insertions(+), 32 deletions(-)
> 
> diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c
> index 699b7868108f..c12bffefa3c9 100644
> --- a/fs/cifs/smbencrypt.c
> +++ b/fs/cifs/smbencrypt.c
> @@ -23,7 +23,7 @@
>     Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
>  */
>  
> -#include <crypto/skcipher.h>
> +#include <linux/crypto.h>
>  #include <linux/module.h>
>  #include <linux/slab.h>
>  #include <linux/fs.h>
> @@ -69,46 +69,22 @@ str_to_key(unsigned char *str, unsigned char *key)
>  static int
>  smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
>  {
> -     int rc;
>       unsigned char key2[8];
> -     struct crypto_skcipher *tfm_des;
> -     struct scatterlist sgin, sgout;
> -     struct skcipher_request *req;
> +     struct crypto_cipher *tfm_des;
>  
>       str_to_key(key, key2);
>  
> -     tfm_des = crypto_alloc_skcipher("ecb(des)", 0, CRYPTO_ALG_ASYNC);
> +     tfm_des = crypto_alloc_cipher("des", 0, 0);
>       if (IS_ERR(tfm_des)) {
> -             rc = PTR_ERR(tfm_des);
> -             cifs_dbg(VFS, "could not allocate des crypto API\n");
> -             goto smbhash_err;
> -     }
> -
> -     req = skcipher_request_alloc(tfm_des, GFP_KERNEL);
> -     if (!req) {
> -             rc = -ENOMEM;
>               cifs_dbg(VFS, "could not allocate des crypto API\n");
> -             goto smbhash_free_skcipher;
> +             return PTR_ERR(tfm_des);
>       }
>  
> -     crypto_skcipher_setkey(tfm_des, key2, 8);
> -
> -     sg_init_one(&sgin, in, 8);
> -     sg_init_one(&sgout, out, 8);
> +     crypto_cipher_setkey(tfm_des, key2, 8);
> +     crypto_cipher_encrypt_one(tfm_des, out, in);
> +     crypto_free_cipher(tfm_des);
>  
> -     skcipher_request_set_callback(req, 0, NULL, NULL);
> -     skcipher_request_set_crypt(req, &sgin, &sgout, 8, NULL);
> -
> -     rc = crypto_skcipher_encrypt(req);
> -     if (rc)
> -             cifs_dbg(VFS, "could not encrypt crypt key rc: %d\n", rc);
> -
> -     skcipher_request_free(req);
> -
> -smbhash_free_skcipher:
> -     crypto_free_skcipher(tfm_des);
> -smbhash_err:
> -     return rc;
> +     return 0;
>  }
>  
>  static int

Acked-by: Jeff Layton <jlay...@redhat.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to