[0/4] fix async decryption + some secmech cleanups

Message

Enzo Matsumiya Sept. 26, 2024, 5:46 p.m. UTC

Hi,

Patch 1/4:
Fix a use-after-free in the crypto API when using the same TFM in parallel to decrypt SMB2
messages. 'parallel' meaning only when 'min_enc_offload/esize' is > 0, so smb2_decrypt_offload()
is called.

Patch 2/4:
We store crypto keys in cifs_ses and we find them on every crypto operation by the Session ID.
Using a crypto TFM with the crypto keys set right after session setup would be ideal, but would
require a non-trivial redesign of the module.  So, instead, allocate a TFM on the primary server
only, and keep finding/setting the keys on a per-usage basis.

Patches 3 and 4/4:
HMAC-MD5 and SHA-512 TFMs are only used on Session Setup and each contained in a single function.
The allocated memory size doesn't hurt, but makes no sense to keep them around when they're not
going to be used again so soon (or at all).

Reviews appreciated.


Cheers,

Enzo Matsumiya (4):
  smb: client: fix UAF in async decryption
  smb: client: allocate crypto only for primary server
  smb: client: make HMAC-MD5 TFM ephemeral
  smb: client: make SHA-512 TFM ephemeral

 fs/smb/client/cifsencrypt.c   | 151 ++++++++++++++--------------------
 fs/smb/client/cifsglob.h      |   2 -
 fs/smb/client/sess.c          |   2 +-
 fs/smb/client/smb2misc.c      |  28 +++----
 fs/smb/client/smb2ops.c       |  47 ++++++-----
 fs/smb/client/smb2pdu.c       |  10 +++
 fs/smb/client/smb2proto.h     |   2 +-
 fs/smb/client/smb2transport.c |  30 +------
 8 files changed, 116 insertions(+), 156 deletions(-)