* [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
@ 2019-06-07 20:23 Steve French
2019-06-07 21:24 ` ronnie sahlberg
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Steve French @ 2019-06-07 20:23 UTC (permalink / raw)
To: CIFS, samba-technical
[-- Attachment #1: Type: text/plain, Size: 289 bytes --]
I am seeing more than double the performance of copy to Samba on
encrypted mount with this two patch set, and 80%+ faster on copy from
Samba server (when running Ralph's GCM capable experimental branch of
Samba)
Patches to update the kernel client (cifs.ko) attached:
--
Thanks,
Steve
[-- Attachment #2: 0001-SMB3-Add-SMB3.1.1-GCM-to-negotiated-crypto-algorigth.patch --]
[-- Type: text/x-patch, Size: 2912 bytes --]
From eddadf9736135359236b0040390a7ae1ea1d2b5e Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Fri, 7 Jun 2019 08:59:40 -0500
Subject: [PATCH 1/2] SMB3: Add SMB3.1.1 GCM to negotiated crypto algorigthms
GCM is faster. Request it during negotiate protocol.
Followon patch will add callouts to GCM crypto
Signed-off-by: Steve French <stfrench@microsoft.com>
---
fs/cifs/smb2ops.c | 4 ++--
fs/cifs/smb2pdu.c | 8 ++++----
fs/cifs/smb2pdu.h | 4 ++--
3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index e921e6511728..7fa95929c8fc 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -3333,7 +3333,7 @@ fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
tr_hdr->Flags = cpu_to_le16(0x01);
- get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CMM_NONCE);
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);
}
@@ -3492,7 +3492,7 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst,
goto free_sg;
}
iv[0] = 3;
- memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CMM_NONCE);
+ memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
aead_request_set_crypt(req, sg, sg, crypt_len, iv);
aead_request_set_ad(req, assoc_data_len);
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index ab8dc73d2282..9afef0eaa1c4 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -489,10 +489,10 @@ static void
build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt)
{
pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
- pneg_ctxt->DataLength = cpu_to_le16(4); /* Cipher Count + le16 cipher */
- pneg_ctxt->CipherCount = cpu_to_le16(1);
-/* pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;*/ /* not supported yet */
- pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_CCM;
+ pneg_ctxt->DataLength = cpu_to_le16(6); /* Cipher Count + le16 cipher */
+ pneg_ctxt->CipherCount = cpu_to_le16(2);
+ pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;
+ pneg_ctxt->Ciphers[1] = SMB2_ENCRYPTION_AES128_CCM;
}
static void
diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h
index c7d5813bebd8..d3a64cf812d9 100644
--- a/fs/cifs/smb2pdu.h
+++ b/fs/cifs/smb2pdu.h
@@ -123,7 +123,7 @@ struct smb2_sync_pdu {
__le16 StructureSize2; /* size of wct area (varies, request specific) */
} __packed;
-#define SMB3_AES128CMM_NONCE 11
+#define SMB3_AES128CCM_NONCE 11
#define SMB3_AES128GCM_NONCE 12
struct smb2_transform_hdr {
@@ -293,7 +293,7 @@ struct smb2_encryption_neg_context {
__le16 DataLength;
__le32 Reserved;
__le16 CipherCount; /* AES-128-GCM and AES-128-CCM */
- __le16 Ciphers[1]; /* Ciphers[0] since only one used now */
+ __le16 Ciphers[2];
} __packed;
/* See MS-SMB2 2.2.3.1.3 */
--
2.20.1
[-- Attachment #3: 0002-SMB3-Add-SMB3.1.1-GCM-crypto-to-the-encrypt-and-decr.patch --]
[-- Type: text/x-patch, Size: 3617 bytes --]
From 1dc851a452ebbc191b750fee8fb41da45d9b20fb Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Fri, 7 Jun 2019 15:16:10 -0500
Subject: [PATCH 2/2] [SMB3] Add SMB3.1.1 GCM crypto to the encrypt and decrypt
functions
SMB3.1.1 GCM performs much better than the older CCM default:
more than twice as fast in the write patch (copy to the Samba
server on localhost for example) and 80% faster on the read
patch (copy from the server).
Signed-off-by: Steve French <stfrench@microsoft.com>
---
fs/cifs/smb2ops.c | 18 +++++++++++++-----
fs/cifs/smb2transport.c | 10 ++++++++--
2 files changed, 21 insertions(+), 7 deletions(-)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 7fa95929c8fc..a8e28b955c69 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -3324,7 +3324,7 @@ smb2_dir_needs_close(struct cifsFileInfo *cfile)
static void
fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
- struct smb_rqst *old_rq)
+ struct smb_rqst *old_rq, struct TCP_Server_Info *server)
{
struct smb2_sync_hdr *shdr =
(struct smb2_sync_hdr *)old_rq->rq_iov[0].iov_base;
@@ -3333,7 +3333,10 @@ fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
tr_hdr->Flags = cpu_to_le16(0x01);
- get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);
}
@@ -3491,8 +3494,13 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst,
rc = -ENOMEM;
goto free_sg;
}
- iv[0] = 3;
- memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else {
+ iv[0] = 3;
+ memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ }
aead_request_set_crypt(req, sg, sg, crypt_len, iv);
aead_request_set_ad(req, assoc_data_len);
@@ -3592,7 +3600,7 @@ smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
}
/* fill the 1st iov with a transform header */
- fill_transform_hdr(tr_hdr, orig_len, old_rq);
+ fill_transform_hdr(tr_hdr, orig_len, old_rq, server);
rc = crypt_message(server, num_rqst, new_rq, 1);
cifs_dbg(FYI, "Encrypt message returned %d\n", rc);
diff --git a/fs/cifs/smb2transport.c b/fs/cifs/smb2transport.c
index d1181572758b..1ccbcf9c2c3b 100644
--- a/fs/cifs/smb2transport.c
+++ b/fs/cifs/smb2transport.c
@@ -734,7 +734,10 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server)
struct crypto_aead *tfm;
if (!server->secmech.ccmaesencrypt) {
- tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
+ else
+ tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
if (IS_ERR(tfm)) {
cifs_dbg(VFS, "%s: Failed to alloc encrypt aead\n",
__func__);
@@ -744,7 +747,10 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server)
}
if (!server->secmech.ccmaesdecrypt) {
- tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
+ else
+ tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
if (IS_ERR(tfm)) {
crypto_free_aead(server->secmech.ccmaesencrypt);
server->secmech.ccmaesencrypt = NULL;
--
2.20.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
2019-06-07 20:23 [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts Steve French
@ 2019-06-07 21:24 ` ronnie sahlberg
2019-06-08 8:38 ` Steve French
2019-06-10 14:56 ` Andreas Schneider
2019-06-10 19:19 ` Pavel Shilovsky
2 siblings, 1 reply; 7+ messages in thread
From: ronnie sahlberg @ 2019-06-07 21:24 UTC (permalink / raw)
To: Steve French; +Cc: CIFS, samba-technical
First patch, fix the comment :
+ pneg_ctxt->DataLength = cpu_to_le16(6); /* Cipher Count + le16 cipher */
to
+ pneg_ctxt->DataLength = cpu_to_le16(6); /* Cipher Count + 2 * le16 cipher */
You can add a Reviewed-by me.
Very nice!
On Sat, Jun 8, 2019 at 6:24 AM Steve French via samba-technical
<samba-technical@lists.samba.org> wrote:
>
> I am seeing more than double the performance of copy to Samba on
> encrypted mount with this two patch set, and 80%+ faster on copy from
> Samba server (when running Ralph's GCM capable experimental branch of
> Samba)
>
> Patches to update the kernel client (cifs.ko) attached:
>
> --
> Thanks,
>
> Steve
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
2019-06-07 21:24 ` ronnie sahlberg
@ 2019-06-08 8:38 ` Steve French
0 siblings, 0 replies; 7+ messages in thread
From: Steve French @ 2019-06-08 8:38 UTC (permalink / raw)
To: ronnie sahlberg; +Cc: CIFS, samba-technical
updated and repushed to cifs-2.6.git for-next
On Fri, Jun 7, 2019 at 4:24 PM ronnie sahlberg <ronniesahlberg@gmail.com> wrote:
>
> First patch, fix the comment :
> + pneg_ctxt->DataLength = cpu_to_le16(6); /* Cipher Count + le16 cipher */
> to
> + pneg_ctxt->DataLength = cpu_to_le16(6); /* Cipher Count + 2 * le16 cipher */
>
> You can add a Reviewed-by me.
> Very nice!
>
> On Sat, Jun 8, 2019 at 6:24 AM Steve French via samba-technical
> <samba-technical@lists.samba.org> wrote:
> >
> > I am seeing more than double the performance of copy to Samba on
> > encrypted mount with this two patch set, and 80%+ faster on copy from
> > Samba server (when running Ralph's GCM capable experimental branch of
> > Samba)
> >
> > Patches to update the kernel client (cifs.ko) attached:
> >
> > --
> > Thanks,
> >
> > Steve
--
Thanks,
Steve
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
2019-06-07 20:23 [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts Steve French
2019-06-07 21:24 ` ronnie sahlberg
@ 2019-06-10 14:56 ` Andreas Schneider
2019-06-10 19:19 ` Pavel Shilovsky
2 siblings, 0 replies; 7+ messages in thread
From: Andreas Schneider @ 2019-06-10 14:56 UTC (permalink / raw)
To: samba-technical, Steve French; +Cc: CIFS
On Friday, 7 June 2019 22:23:30 CEST Steve French via samba-technical wrote:
> I am seeing more than double the performance of copy to Samba on
> encrypted mount with this two patch set, and 80%+ faster on copy from
> Samba server (when running Ralph's GCM capable experimental branch of
> Samba)
I'm sorry but I have to disappoint you, my name is Andreas and not Ralph ;-)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
2019-06-07 20:23 [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts Steve French
2019-06-07 21:24 ` ronnie sahlberg
2019-06-10 14:56 ` Andreas Schneider
@ 2019-06-10 19:19 ` Pavel Shilovsky
2019-06-10 22:34 ` Steve French
2 siblings, 1 reply; 7+ messages in thread
From: Pavel Shilovsky @ 2019-06-10 19:19 UTC (permalink / raw)
To: Steve French; +Cc: CIFS, samba-technical
пт, 7 июн. 2019 г. в 13:23, Steve French via samba-technical
<samba-technical@lists.samba.org>:
>
> I am seeing more than double the performance of copy to Samba on
> encrypted mount with this two patch set, and 80%+ faster on copy from
> Samba server (when running Ralph's GCM capable experimental branch of
> Samba)
>
> Patches to update the kernel client (cifs.ko) attached:
>
> --
> Thanks,
>
> Steve
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -3324,7 +3324,7 @@ smb2_dir_needs_close(struct cifsFileInfo *cfile)
static void
fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
- struct smb_rqst *old_rq)
+ struct smb_rqst *old_rq, struct TCP_Server_Info *server)
{
struct smb2_sync_hdr *shdr =
(struct smb2_sync_hdr *)old_rq->rq_iov[0].iov_base;
@@ -3333,7 +3333,10 @@ fill_transform_hdr(struct smb2_transform_hdr
*tr_hdr, unsigned int orig_len,
tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
tr_hdr->Flags = cpu_to_le16(0x01);
- get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
We only use server->cipher_type here and below. Let's pass just this
integer instead of whole server pointer to fill_transform_hdr then
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);
}
@@ -3491,8 +3494,13 @@ crypt_message(struct TCP_Server_Info *server,
int num_rqst,
rc = -ENOMEM;
goto free_sg;
}
- iv[0] = 3;
- memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else {
+ iv[0] = 3;
+ memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ }
aead_request_set_crypt(req, sg, sg, crypt_len, iv);
aead_request_set_ad(req, assoc_data_len);
Other than the note above looks good.
--
Best regards,
Pavel Shilovskiy
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
2019-06-10 19:19 ` Pavel Shilovsky
@ 2019-06-10 22:34 ` Steve French
2019-06-11 0:41 ` Pavel Shilovsky
0 siblings, 1 reply; 7+ messages in thread
From: Steve French @ 2019-06-10 22:34 UTC (permalink / raw)
To: Pavel Shilovsky; +Cc: CIFS, samba-technical
[-- Attachment #1: Type: text/plain, Size: 2712 bytes --]
Updated the patch with Pavel's suggestion and added reviewed by and
repushed to cifs-2.6.git for-next.
On Mon, Jun 10, 2019 at 2:19 PM Pavel Shilovsky
<pavel.shilovsky@gmail.com> wrote:
>
> пт, 7 июн. 2019 г. в 13:23, Steve French via samba-technical
> <samba-technical@lists.samba.org>:
> >
> > I am seeing more than double the performance of copy to Samba on
> > encrypted mount with this two patch set, and 80%+ faster on copy from
> > Samba server (when running Ralph's GCM capable experimental branch of
> > Samba)
> >
> > Patches to update the kernel client (cifs.ko) attached:
> >
> > --
> > Thanks,
> >
> > Steve
>
>
> --- a/fs/cifs/smb2ops.c
> +++ b/fs/cifs/smb2ops.c
> @@ -3324,7 +3324,7 @@ smb2_dir_needs_close(struct cifsFileInfo *cfile)
>
> static void
> fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
> - struct smb_rqst *old_rq)
> + struct smb_rqst *old_rq, struct TCP_Server_Info *server)
> {
> struct smb2_sync_hdr *shdr =
> (struct smb2_sync_hdr *)old_rq->rq_iov[0].iov_base;
> @@ -3333,7 +3333,10 @@ fill_transform_hdr(struct smb2_transform_hdr
> *tr_hdr, unsigned int orig_len,
> tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
> tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
> tr_hdr->Flags = cpu_to_le16(0x01);
> - get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
> + if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
>
> We only use server->cipher_type here and below. Let's pass just this
> integer instead of whole server pointer to fill_transform_hdr then
>
> + get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
> + else
> + get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
> memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);
> }
>
> @@ -3491,8 +3494,13 @@ crypt_message(struct TCP_Server_Info *server,
> int num_rqst,
> rc = -ENOMEM;
> goto free_sg;
> }
> - iv[0] = 3;
> - memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
> +
> + if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
> + memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
> + else {
> + iv[0] = 3;
> + memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
> + }
>
> aead_request_set_crypt(req, sg, sg, crypt_len, iv);
> aead_request_set_ad(req, assoc_data_len);
>
> Other than the note above looks good.
>
> --
> Best regards,
> Pavel Shilovskiy
--
Thanks,
Steve
[-- Attachment #2: 0006-Add-SMB3.1.1-GCM-crypto-to-the-encrypt-and-decrypt-f.patch --]
[-- Type: text/x-patch, Size: 3707 bytes --]
From 120ae85c0e041d5c6ed2ca5adb370226bdd984e1 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Fri, 7 Jun 2019 15:16:10 -0500
Subject: [PATCH 6/7] Add SMB3.1.1 GCM crypto to the encrypt and decrypt
functions
SMB3.1.1 GCM performs much better than the older CCM default:
more than twice as fast in the write patch (copy to the Samba
server on localhost for example) and 80% faster on the read
patch (copy from the server).
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
---
fs/cifs/smb2ops.c | 18 +++++++++++++-----
fs/cifs/smb2transport.c | 10 ++++++++--
2 files changed, 21 insertions(+), 7 deletions(-)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 7fa95929c8fc..a8e28b955c69 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -3324,7 +3324,7 @@ smb2_dir_needs_close(struct cifsFileInfo *cfile)
static void
fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
- struct smb_rqst *old_rq)
+ struct smb_rqst *old_rq, __le16 cipher_type)
{
struct smb2_sync_hdr *shdr =
(struct smb2_sync_hdr *)old_rq->rq_iov[0].iov_base;
@@ -3333,7 +3333,10 @@ fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
tr_hdr->Flags = cpu_to_le16(0x01);
- get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ if (cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else
+ get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);
}
@@ -3491,8 +3494,13 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst,
rc = -ENOMEM;
goto free_sg;
}
- iv[0] = 3;
- memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);
+ else {
+ iv[0] = 3;
+ memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);
+ }
aead_request_set_crypt(req, sg, sg, crypt_len, iv);
aead_request_set_ad(req, assoc_data_len);
@@ -3592,7 +3600,7 @@ smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
}
/* fill the 1st iov with a transform header */
- fill_transform_hdr(tr_hdr, orig_len, old_rq);
+ fill_transform_hdr(tr_hdr, orig_len, old_rq, server->cipher_type);
rc = crypt_message(server, num_rqst, new_rq, 1);
cifs_dbg(FYI, "Encrypt message returned %d\n", rc);
diff --git a/fs/cifs/smb2transport.c b/fs/cifs/smb2transport.c
index d1181572758b..1ccbcf9c2c3b 100644
--- a/fs/cifs/smb2transport.c
+++ b/fs/cifs/smb2transport.c
@@ -734,7 +734,10 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server)
struct crypto_aead *tfm;
if (!server->secmech.ccmaesencrypt) {
- tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
+ else
+ tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
if (IS_ERR(tfm)) {
cifs_dbg(VFS, "%s: Failed to alloc encrypt aead\n",
__func__);
@@ -744,7 +747,10 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server)
}
if (!server->secmech.ccmaesdecrypt) {
- tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
+ if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)
+ tfm = crypto_alloc_aead("gcm(aes)", 0, 0);
+ else
+ tfm = crypto_alloc_aead("ccm(aes)", 0, 0);
if (IS_ERR(tfm)) {
crypto_free_aead(server->secmech.ccmaesencrypt);
server->secmech.ccmaesencrypt = NULL;
--
2.20.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts
2019-06-10 22:34 ` Steve French
@ 2019-06-11 0:41 ` Pavel Shilovsky
0 siblings, 0 replies; 7+ messages in thread
From: Pavel Shilovsky @ 2019-06-11 0:41 UTC (permalink / raw)
To: Steve French; +Cc: CIFS, samba-technical
пн, 10 июн. 2019 г. в 15:34, Steve French <smfrench@gmail.com>:
>
> Updated the patch with Pavel's suggestion and added reviewed by and
> repushed to cifs-2.6.git for-next.
>
Looks good. Thanks!
Best regards,
Pavel Shilovskiy
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2019-06-11 0:41 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-06-07 20:23 [SMB3.1.1] Faster crypto (GCM) for Linux kernel SMB3.1.1 mounts Steve French
2019-06-07 21:24 ` ronnie sahlberg
2019-06-08 8:38 ` Steve French
2019-06-10 14:56 ` Andreas Schneider
2019-06-10 19:19 ` Pavel Shilovsky
2019-06-10 22:34 ` Steve French
2019-06-11 0:41 ` Pavel Shilovsky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).