| Message ID | 20220929015637.14400-2-ematsumiya@suse.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | cifs: introduce support for AES-GMAC signing | expand |
looks fine - merged into cifs-2.6.git for-next still reviewing/testing others in the series. Feedback on those would be appreciated. On Wed, Sep 28, 2022 at 8:57 PM Enzo Matsumiya <ematsumiya@suse.de> wrote: > > Detach the TFM name from a specific algorithm (AES-CCM) as > AES-GCM is also supported, making the name misleading. > > s/ccmaesencrypt/enc/ > s/ccmaesdecrypt/dec/ > > Signed-off-by: Enzo Matsumiya <ematsumiya@suse.de> > --- > fs/cifs/cifsencrypt.c | 12 ++++++------ > fs/cifs/cifsglob.h | 4 ++-- > fs/cifs/smb2ops.c | 3 +-- > fs/cifs/smb2transport.c | 12 ++++++------ > 4 files changed, 15 insertions(+), 16 deletions(-) > > diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c > index 46f5718754f9..f622d2ba6bd0 100644 > --- a/fs/cifs/cifsencrypt.c > +++ b/fs/cifs/cifsencrypt.c > @@ -743,14 +743,14 @@ cifs_crypto_secmech_release(struct TCP_Server_Info *server) > server->secmech.hmacmd5 = NULL; > } > > - if (server->secmech.ccmaesencrypt) { > - crypto_free_aead(server->secmech.ccmaesencrypt); > - server->secmech.ccmaesencrypt = NULL; > + if (server->secmech.enc) { > + crypto_free_aead(server->secmech.enc); > + server->secmech.enc = NULL; > } > > - if (server->secmech.ccmaesdecrypt) { > - crypto_free_aead(server->secmech.ccmaesdecrypt); > - server->secmech.ccmaesdecrypt = NULL; > + if (server->secmech.dec) { > + crypto_free_aead(server->secmech.dec); > + server->secmech.dec = NULL; > } > > kfree(server->secmech.sdesccmacaes); > diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h > index ae7f571a7dba..cbb108b15412 100644 > --- a/fs/cifs/cifsglob.h > +++ b/fs/cifs/cifsglob.h > @@ -171,8 +171,8 @@ struct cifs_secmech { > struct sdesc *sdeschmacsha256; /* ctxt to generate smb2 signature */ > struct sdesc *sdesccmacaes; /* ctxt to generate smb3 signature */ > struct sdesc *sdescsha512; /* ctxt to generate smb3.11 signing key */ > - struct crypto_aead *ccmaesencrypt; /* smb3 encryption aead */ > - struct crypto_aead *ccmaesdecrypt; /* smb3 decryption aead */ > + struct crypto_aead *enc; /* smb3 AEAD encryption TFM (AES-CCM and AES-GCM) */ > + struct crypto_aead *dec; /* smb3 AEAD decryption TFM (AES-CCM and AES-GCM) */ > }; > > /* per smb session structure/fields */ > diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c > index 421be43af425..d1528755f330 100644 > --- a/fs/cifs/smb2ops.c > +++ b/fs/cifs/smb2ops.c > @@ -4344,8 +4344,7 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst, > return rc; > } > > - tfm = enc ? server->secmech.ccmaesencrypt : > - server->secmech.ccmaesdecrypt; > + tfm = enc ? server->secmech.enc : server->secmech.dec; > > if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || > (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) > diff --git a/fs/cifs/smb2transport.c b/fs/cifs/smb2transport.c > index 4640fc4a8b13..d4e1a5d74dcd 100644 > --- a/fs/cifs/smb2transport.c > +++ b/fs/cifs/smb2transport.c > @@ -904,7 +904,7 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server) > { > struct crypto_aead *tfm; > > - if (!server->secmech.ccmaesencrypt) { > + if (!server->secmech.enc) { > if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || > (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) > tfm = crypto_alloc_aead("gcm(aes)", 0, 0); > @@ -915,23 +915,23 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server) > __func__); > return PTR_ERR(tfm); > } > - server->secmech.ccmaesencrypt = tfm; > + server->secmech.enc = tfm; > } > > - if (!server->secmech.ccmaesdecrypt) { > + if (!server->secmech.dec) { > if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || > (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) > tfm = crypto_alloc_aead("gcm(aes)", 0, 0); > else > tfm = crypto_alloc_aead("ccm(aes)", 0, 0); > if (IS_ERR(tfm)) { > - crypto_free_aead(server->secmech.ccmaesencrypt); > - server->secmech.ccmaesencrypt = NULL; > + crypto_free_aead(server->secmech.enc); > + server->secmech.enc = NULL; > cifs_server_dbg(VFS, "%s: Failed to alloc decrypt aead\n", > __func__); > return PTR_ERR(tfm); > } > - server->secmech.ccmaesdecrypt = tfm; > + server->secmech.dec = tfm; > } > > return 0; > -- > 2.35.3 >
diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index 46f5718754f9..f622d2ba6bd0 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -743,14 +743,14 @@ cifs_crypto_secmech_release(struct TCP_Server_Info *server) server->secmech.hmacmd5 = NULL; } - if (server->secmech.ccmaesencrypt) { - crypto_free_aead(server->secmech.ccmaesencrypt); - server->secmech.ccmaesencrypt = NULL; + if (server->secmech.enc) { + crypto_free_aead(server->secmech.enc); + server->secmech.enc = NULL; } - if (server->secmech.ccmaesdecrypt) { - crypto_free_aead(server->secmech.ccmaesdecrypt); - server->secmech.ccmaesdecrypt = NULL; + if (server->secmech.dec) { + crypto_free_aead(server->secmech.dec); + server->secmech.dec = NULL; } kfree(server->secmech.sdesccmacaes); diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index ae7f571a7dba..cbb108b15412 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -171,8 +171,8 @@ struct cifs_secmech { struct sdesc *sdeschmacsha256; /* ctxt to generate smb2 signature */ struct sdesc *sdesccmacaes; /* ctxt to generate smb3 signature */ struct sdesc *sdescsha512; /* ctxt to generate smb3.11 signing key */ - struct crypto_aead *ccmaesencrypt; /* smb3 encryption aead */ - struct crypto_aead *ccmaesdecrypt; /* smb3 decryption aead */ + struct crypto_aead *enc; /* smb3 AEAD encryption TFM (AES-CCM and AES-GCM) */ + struct crypto_aead *dec; /* smb3 AEAD decryption TFM (AES-CCM and AES-GCM) */ }; /* per smb session structure/fields */ diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c index 421be43af425..d1528755f330 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -4344,8 +4344,7 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst, return rc; } - tfm = enc ? server->secmech.ccmaesencrypt : - server->secmech.ccmaesdecrypt; + tfm = enc ? server->secmech.enc : server->secmech.dec; if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) diff --git a/fs/cifs/smb2transport.c b/fs/cifs/smb2transport.c index 4640fc4a8b13..d4e1a5d74dcd 100644 --- a/fs/cifs/smb2transport.c +++ b/fs/cifs/smb2transport.c @@ -904,7 +904,7 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server) { struct crypto_aead *tfm; - if (!server->secmech.ccmaesencrypt) { + if (!server->secmech.enc) { if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) tfm = crypto_alloc_aead("gcm(aes)", 0, 0); @@ -915,23 +915,23 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server) __func__); return PTR_ERR(tfm); } - server->secmech.ccmaesencrypt = tfm; + server->secmech.enc = tfm; } - if (!server->secmech.ccmaesdecrypt) { + if (!server->secmech.dec) { if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) tfm = crypto_alloc_aead("gcm(aes)", 0, 0); else tfm = crypto_alloc_aead("ccm(aes)", 0, 0); if (IS_ERR(tfm)) { - crypto_free_aead(server->secmech.ccmaesencrypt); - server->secmech.ccmaesencrypt = NULL; + crypto_free_aead(server->secmech.enc); + server->secmech.enc = NULL; cifs_server_dbg(VFS, "%s: Failed to alloc decrypt aead\n", __func__); return PTR_ERR(tfm); } - server->secmech.ccmaesdecrypt = tfm; + server->secmech.dec = tfm; } return 0;
Detach the TFM name from a specific algorithm (AES-CCM) as AES-GCM is also supported, making the name misleading. s/ccmaesencrypt/enc/ s/ccmaesdecrypt/dec/ Signed-off-by: Enzo Matsumiya <ematsumiya@suse.de> --- fs/cifs/cifsencrypt.c | 12 ++++++------ fs/cifs/cifsglob.h | 4 ++-- fs/cifs/smb2ops.c | 3 +-- fs/cifs/smb2transport.c | 12 ++++++------ 4 files changed, 15 insertions(+), 16 deletions(-)