* [cifs:gmac-signing-access-denied 14/16] fs/cifs/smb2transport.c:772: warning: expecting prototype for smb311_crypt_sign(). Prototype was for smb311_gmac_sign() instead
@ 2022-09-14 11:15 kernel test robot
0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2022-09-14 11:15 UTC (permalink / raw)
To: Steve French; +Cc: kbuild-all, linux-cifs, samba-technical
tree: git://git.samba.org/sfrench/cifs-2.6.git gmac-signing-access-denied
head: 2192d9439564a639ab2e9bc5d6c6ee64cb34283c
commit: 320f9b7ac776d203158be1d06147e94ca8fa794b [14/16] part2
config: m68k-allyesconfig (https://download.01.org/0day-ci/archive/20220914/202209141918.88hEOscp-lkp@intel.com/config)
compiler: m68k-linux-gcc (GCC) 12.1.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
git remote add cifs git://git.samba.org/sfrench/cifs-2.6.git
git fetch --no-tags cifs gmac-signing-access-denied
git checkout 320f9b7ac776d203158be1d06147e94ca8fa794b
# save the config file
mkdir build_dir && cp config build_dir/.config
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=m68k SHELL=/bin/bash fs/cifs/
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> fs/cifs/smb2transport.c:772: warning: expecting prototype for smb311_crypt_sign(). Prototype was for smb311_gmac_sign() instead
vim +772 fs/cifs/smb2transport.c
a7ecf7c2064db8 Steve French 2022-09-14 734
a7ecf7c2064db8 Steve French 2022-09-14 735 /**
a7ecf7c2064db8 Steve French 2022-09-14 736 * smb311_crypt_sign() - Encrypts, decrypts, or sign an SMB2 message using AES-GCM algorithm.
a7ecf7c2064db8 Steve French 2022-09-14 737 *
a7ecf7c2064db8 Steve French 2022-09-14 738 * @rqst: SMB2 request to transform.
a7ecf7c2064db8 Steve French 2022-09-14 739 * @num_rqst: Number of requests to transform. Must be 1 if @sign_only is true.
a7ecf7c2064db8 Steve French 2022-09-14 740 * @enc: True for an encryption operation, false for decryption. If both @enc and @sign_only are
a7ecf7c2064db8 Steve French 2022-09-14 741 * true, assumes an encryption operation and set @sign_only to false.
a7ecf7c2064db8 Steve French 2022-09-14 742 * @sign_only: True if the request must only have the signature computed.
a7ecf7c2064db8 Steve French 2022-09-14 743 * @tfm: AES-GCM crypto transformation object. Must be allocated and freed by the caller.
a7ecf7c2064db8 Steve French 2022-09-14 744 * @key: The private key to be used for the operation. Must be allocated and freed by the caller.
a7ecf7c2064db8 Steve French 2022-09-14 745 * @keylen: The size of @key. Must be 16 for AES-128-GCM crypt ops and AES-GMAC, or 32 for
a7ecf7c2064db8 Steve French 2022-09-14 746 * AES-256-GCM.
a7ecf7c2064db8 Steve French 2022-09-14 747 * @iv: The Initialization Vector, a.k.a. nonce. Must be allocated and freed by the caller.
a7ecf7c2064db8 Steve French 2022-09-14 748 * @assoclen: Size of the Additional Authenticated Data (AAD) (or Associated Data (AD)). Must be
a7ecf7c2064db8 Steve French 2022-09-14 749 * size of smb2_transform_hdr - 20 for encryption/decryption, and the size of the whole
a7ecf7c2064db8 Steve French 2022-09-14 750 * SMB2 message for signing (e.g gotten from smb_rqst_len()).
a7ecf7c2064db8 Steve French 2022-09-14 751 * @cryptlen: Size of the plain/cipher text buffer. Must be 0 if @sign_only is true.
a7ecf7c2064db8 Steve French 2022-09-14 752 *
a7ecf7c2064db8 Steve French 2022-09-14 753 * This function is shared between the SMB 3.1.1 AES-GCM encryption/decryption operations
a7ecf7c2064db8 Steve French 2022-09-14 754 * (crypt_message()), and AES-GMAC signing operation (smb311_calc_aes_gmac()).
a7ecf7c2064db8 Steve French 2022-09-14 755 *
a7ecf7c2064db8 Steve French 2022-09-14 756 * This function will perform the core operations (encrypt and decrypt) using the parameters passed
a7ecf7c2064db8 Steve French 2022-09-14 757 * by the callers, which is what differ encrypt/decrypt ops from signing ops.
a7ecf7c2064db8 Steve French 2022-09-14 758 *
a7ecf7c2064db8 Steve French 2022-09-14 759 * Note that signing functionality (@sign_only == true) must only be used when the request must NOT
a7ecf7c2064db8 Steve French 2022-09-14 760 * be encrypted, as encrypted requests will have their own signatures, but computed differently.
a7ecf7c2064db8 Steve French 2022-09-14 761 *
a7ecf7c2064db8 Steve French 2022-09-14 762 * References:
a7ecf7c2064db8 Steve French 2022-09-14 763 * MS-SMB2 3.2.4.1.1 "Signing the Message"
a7ecf7c2064db8 Steve French 2022-09-14 764 *
a7ecf7c2064db8 Steve French 2022-09-14 765 * Return: 0 on success, negative errno otherwise.
a7ecf7c2064db8 Steve French 2022-09-14 766 */
a7ecf7c2064db8 Steve French 2022-09-14 767 static int smb311_gmac_sign(struct smb_rqst *rqst, int num_rqst,
320f9b7ac776d2 Steve French 2022-09-14 768 unsigned long assoclen,
a7ecf7c2064db8 Steve French 2022-09-14 769 struct crypto_aead *tfm,
a7ecf7c2064db8 Steve French 2022-09-14 770 const u8 *key, unsigned int keylen,
a7ecf7c2064db8 Steve French 2022-09-14 771 u8 *iv)
a7ecf7c2064db8 Steve French 2022-09-14 @772 {
a7ecf7c2064db8 Steve French 2022-09-14 773 struct smb2_hdr *shdr = (struct smb2_hdr *)rqst[0].rq_iov[0].iov_base;
a7ecf7c2064db8 Steve French 2022-09-14 774 u8 sig[SMB2_SIGNATURE_SIZE] = { 0 };
a7ecf7c2064db8 Steve French 2022-09-14 775 struct aead_request *aead_req;
a7ecf7c2064db8 Steve French 2022-09-14 776 DECLARE_CRYPTO_WAIT(wait);
a7ecf7c2064db8 Steve French 2022-09-14 777 struct scatterlist *sg;
a7ecf7c2064db8 Steve French 2022-09-14 778 int rc = 0;
a7ecf7c2064db8 Steve French 2022-09-14 779
a7ecf7c2064db8 Steve French 2022-09-14 780 /* basic checks */
a7ecf7c2064db8 Steve French 2022-09-14 781 if (!rqst || !tfm || !key || !iv)
a7ecf7c2064db8 Steve French 2022-09-14 782 return -EINVAL;
a7ecf7c2064db8 Steve French 2022-09-14 783
a7ecf7c2064db8 Steve French 2022-09-14 784 if (unlikely(!rqst))
a7ecf7c2064db8 Steve French 2022-09-14 785 return -ENODATA;
a7ecf7c2064db8 Steve French 2022-09-14 786
a7ecf7c2064db8 Steve French 2022-09-14 787 /* signing is done on single requests only */
a7ecf7c2064db8 Steve French 2022-09-14 788 if (num_rqst > 1) {
a7ecf7c2064db8 Steve French 2022-09-14 789 cifs_dbg(VFS, "%s: invalid number of requests to sign '%u', expected 1\n",
a7ecf7c2064db8 Steve French 2022-09-14 790 __func__, num_rqst);
a7ecf7c2064db8 Steve French 2022-09-14 791 return -EINVAL;
a7ecf7c2064db8 Steve French 2022-09-14 792 }
a7ecf7c2064db8 Steve French 2022-09-14 793
a7ecf7c2064db8 Steve French 2022-09-14 794 /*
a7ecf7c2064db8 Steve French 2022-09-14 795 * Set the Additional Authenticated Data (AAD)/Associated Data (AD) length to the SMB
a7ecf7c2064db8 Steve French 2022-09-14 796 * request length, which corresponds to the part of the buffer we want to sign/authenticate.
a7ecf7c2064db8 Steve French 2022-09-14 797 */
a7ecf7c2064db8 Steve French 2022-09-14 798 if (unlikely(assoclen == 0)) {
a7ecf7c2064db8 Steve French 2022-09-14 799 cifs_dbg(FYI, "%s: assoclen is 0 for signing operation\n", __func__);
a7ecf7c2064db8 Steve French 2022-09-14 800 return -ENODATA;
a7ecf7c2064db8 Steve French 2022-09-14 801 }
a7ecf7c2064db8 Steve French 2022-09-14 802
a7ecf7c2064db8 Steve French 2022-09-14 803 if (keylen != SMB3_GCM128_CRYPTKEY_SIZE) { /* 16 bytes, for AES-GMAC */
a7ecf7c2064db8 Steve French 2022-09-14 804 cifs_dbg(FYI, "%s: invalid key size '%u'\n", __func__, keylen);
a7ecf7c2064db8 Steve French 2022-09-14 805 return -EINVAL;
a7ecf7c2064db8 Steve French 2022-09-14 806 }
a7ecf7c2064db8 Steve French 2022-09-14 807
a7ecf7c2064db8 Steve French 2022-09-14 808 rc = crypto_aead_setkey(tfm, key, keylen);
a7ecf7c2064db8 Steve French 2022-09-14 809 if (rc) {
a7ecf7c2064db8 Steve French 2022-09-14 810 cifs_dbg(VFS, "%s: Failed to set AEAD key, rc=%d\n", __func__, rc);
a7ecf7c2064db8 Steve French 2022-09-14 811 return rc;
a7ecf7c2064db8 Steve French 2022-09-14 812 }
a7ecf7c2064db8 Steve French 2022-09-14 813
a7ecf7c2064db8 Steve French 2022-09-14 814 rc = crypto_aead_setauthsize(tfm, SMB2_SIGNATURE_SIZE);
a7ecf7c2064db8 Steve French 2022-09-14 815 if (rc) {
a7ecf7c2064db8 Steve French 2022-09-14 816 cifs_dbg(VFS, "%s: Failed to set AEAD authsize, rc=%d\n",
a7ecf7c2064db8 Steve French 2022-09-14 817 __func__, rc);
a7ecf7c2064db8 Steve French 2022-09-14 818 return rc;
a7ecf7c2064db8 Steve French 2022-09-14 819 }
a7ecf7c2064db8 Steve French 2022-09-14 820
a7ecf7c2064db8 Steve French 2022-09-14 821 aead_req = aead_request_alloc(tfm, GFP_KERNEL);
a7ecf7c2064db8 Steve French 2022-09-14 822 if (!aead_req) {
a7ecf7c2064db8 Steve French 2022-09-14 823 cifs_dbg(VFS, "%s: Failed to alloc AEAD request\n", __func__);
a7ecf7c2064db8 Steve French 2022-09-14 824 return -ENOMEM;
a7ecf7c2064db8 Steve French 2022-09-14 825 }
a7ecf7c2064db8 Steve French 2022-09-14 826
a7ecf7c2064db8 Steve French 2022-09-14 827 sg = init_sg_gmac(num_rqst, rqst, sig);
a7ecf7c2064db8 Steve French 2022-09-14 828 if (IS_ERR(sg)) {
a7ecf7c2064db8 Steve French 2022-09-14 829 rc = PTR_ERR(sg);
a7ecf7c2064db8 Steve French 2022-09-14 830 cifs_dbg(VFS, "%s: Failed to init SG, rc=%d\n", __func__, rc);
a7ecf7c2064db8 Steve French 2022-09-14 831
a7ecf7c2064db8 Steve French 2022-09-14 832 /* if -EIO, sg has been allocated */
a7ecf7c2064db8 Steve French 2022-09-14 833 if (rc == -EIO)
a7ecf7c2064db8 Steve French 2022-09-14 834 goto out_free_sg;
a7ecf7c2064db8 Steve French 2022-09-14 835
a7ecf7c2064db8 Steve French 2022-09-14 836 goto out_free_req;
a7ecf7c2064db8 Steve French 2022-09-14 837 }
a7ecf7c2064db8 Steve French 2022-09-14 838
a7ecf7c2064db8 Steve French 2022-09-14 839 aead_request_set_crypt(aead_req, sg, sg, 0, iv);
a7ecf7c2064db8 Steve French 2022-09-14 840 aead_request_set_ad(aead_req, assoclen);
a7ecf7c2064db8 Steve French 2022-09-14 841 aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
a7ecf7c2064db8 Steve French 2022-09-14 842 crypto_req_done, &wait);
a7ecf7c2064db8 Steve French 2022-09-14 843
a7ecf7c2064db8 Steve French 2022-09-14 844 /*
a7ecf7c2064db8 Steve French 2022-09-14 845 * Note for AES-GMAC (@sign_only): whether signing or verifying a signature, we must
a7ecf7c2064db8 Steve French 2022-09-14 846 * always use the encrypt function, as AES-GCM decrypt will internally try to match the
a7ecf7c2064db8 Steve French 2022-09-14 847 * authentication codes, which were computed based on the ciphertext, and fail (-EBADMSG),
a7ecf7c2064db8 Steve French 2022-09-14 848 * as expected.
a7ecf7c2064db8 Steve French 2022-09-14 849 */
a7ecf7c2064db8 Steve French 2022-09-14 850 rc = crypto_wait_req(crypto_aead_encrypt(aead_req), &wait);
a7ecf7c2064db8 Steve French 2022-09-14 851 if (!rc) {
a7ecf7c2064db8 Steve French 2022-09-14 852 memcpy(&shdr->Signature, sig, SMB2_SIGNATURE_SIZE);
a7ecf7c2064db8 Steve French 2022-09-14 853 }
a7ecf7c2064db8 Steve French 2022-09-14 854
a7ecf7c2064db8 Steve French 2022-09-14 855 out_free_sg:
a7ecf7c2064db8 Steve French 2022-09-14 856 kfree(sg);
a7ecf7c2064db8 Steve French 2022-09-14 857 out_free_req:
a7ecf7c2064db8 Steve French 2022-09-14 858 kfree(aead_req);
a7ecf7c2064db8 Steve French 2022-09-14 859
a7ecf7c2064db8 Steve French 2022-09-14 860 return rc;
a7ecf7c2064db8 Steve French 2022-09-14 861 }
a7ecf7c2064db8 Steve French 2022-09-14 862
:::::: The code at line 772 was first introduced by commit
:::::: a7ecf7c2064db88102d9bc6080325078ee5ffad6 part1
:::::: TO: Steve French <stfrench@microsoft.com>
:::::: CC: Steve French <stfrench@microsoft.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-09-14 11:16 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-14 11:15 [cifs:gmac-signing-access-denied 14/16] fs/cifs/smb2transport.c:772: warning: expecting prototype for smb311_crypt_sign(). Prototype was for smb311_gmac_sign() instead kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.