1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org>
4 * Copyright (C) 2018 Samsung Electronics Co., Ltd.
5 */
6
7 #include <linux/kernel.h>
8 #include <linux/fs.h>
9 #include <linux/uaccess.h>
10 #include <linux/backing-dev.h>
11 #include <linux/writeback.h>
12 #include <linux/uio.h>
13 #include <linux/xattr.h>
14 #include <crypto/hash.h>
15 #include <crypto/aead.h>
16 #include <linux/random.h>
17 #include <linux/scatterlist.h>
18
19 #include "auth.h"
20 #include "glob.h"
21
22 #include <linux/fips.h>
23 #include <crypto/des.h>
24
25 #include "server.h"
26 #include "smb_common.h"
27 #include "connection.h"
28 #include "mgmt/user_session.h"
29 #include "mgmt/user_config.h"
30 #include "crypto_ctx.h"
31 #include "transport_ipc.h"
32 #include "../smbfs_common/arc4.h"
33
34 /*
35 * Fixed format data defining GSS header and fixed string
36 * "not_defined_in_RFC4178@please_ignore".
37 * So sec blob data in neg phase could be generated statically.
38 */
39 static char NEGOTIATE_GSS_HEADER[AUTH_GSS_LENGTH] = {
40 #ifdef CONFIG_SMB_SERVER_KERBEROS5
41 0x60, 0x5e, 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05,
42 0x05, 0x02, 0xa0, 0x54, 0x30, 0x52, 0xa0, 0x24,
43 0x30, 0x22, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
44 0xf7, 0x12, 0x01, 0x02, 0x02, 0x06, 0x09, 0x2a,
45 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02,
46 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82,
47 0x37, 0x02, 0x02, 0x0a, 0xa3, 0x2a, 0x30, 0x28,
48 0xa0, 0x26, 0x1b, 0x24, 0x6e, 0x6f, 0x74, 0x5f,
49 0x64, 0x65, 0x66, 0x69, 0x6e, 0x65, 0x64, 0x5f,
50 0x69, 0x6e, 0x5f, 0x52, 0x46, 0x43, 0x34, 0x31,
51 0x37, 0x38, 0x40, 0x70, 0x6c, 0x65, 0x61, 0x73,
52 0x65, 0x5f, 0x69, 0x67, 0x6e, 0x6f, 0x72, 0x65
53 #else
54 0x60, 0x48, 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05,
55 0x05, 0x02, 0xa0, 0x3e, 0x30, 0x3c, 0xa0, 0x0e,
56 0x30, 0x0c, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04,
57 0x01, 0x82, 0x37, 0x02, 0x02, 0x0a, 0xa3, 0x2a,
58 0x30, 0x28, 0xa0, 0x26, 0x1b, 0x24, 0x6e, 0x6f,
59 0x74, 0x5f, 0x64, 0x65, 0x66, 0x69, 0x6e, 0x65,
60 0x64, 0x5f, 0x69, 0x6e, 0x5f, 0x52, 0x46, 0x43,
61 0x34, 0x31, 0x37, 0x38, 0x40, 0x70, 0x6c, 0x65,
62 0x61, 0x73, 0x65, 0x5f, 0x69, 0x67, 0x6e, 0x6f,
63 0x72, 0x65
64 #endif
65 };
66
ksmbd_copy_gss_neg_header(void * buf)67 void ksmbd_copy_gss_neg_header(void *buf)
68 {
69 memcpy(buf, NEGOTIATE_GSS_HEADER, AUTH_GSS_LENGTH);
70 }
71
72 /**
73 * ksmbd_gen_sess_key() - function to generate session key
74 * @sess: session of connection
75 * @hash: source hash value to be used for find session key
76 * @hmac: source hmac value to be used for finding session key
77 *
78 */
ksmbd_gen_sess_key(struct ksmbd_session * sess,char * hash,char * hmac)79 static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash,
80 char *hmac)
81 {
82 struct ksmbd_crypto_ctx *ctx;
83 int rc;
84
85 ctx = ksmbd_crypto_ctx_find_hmacmd5();
86 if (!ctx) {
87 ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
88 return -ENOMEM;
89 }
90
91 rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
92 hash,
93 CIFS_HMAC_MD5_HASH_SIZE);
94 if (rc) {
95 ksmbd_debug(AUTH, "hmacmd5 set key fail error %d\n", rc);
96 goto out;
97 }
98
99 rc = crypto_shash_init(CRYPTO_HMACMD5(ctx));
100 if (rc) {
101 ksmbd_debug(AUTH, "could not init hmacmd5 error %d\n", rc);
102 goto out;
103 }
104
105 rc = crypto_shash_update(CRYPTO_HMACMD5(ctx),
106 hmac,
107 SMB2_NTLMV2_SESSKEY_SIZE);
108 if (rc) {
109 ksmbd_debug(AUTH, "Could not update with response error %d\n", rc);
110 goto out;
111 }
112
113 rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), sess->sess_key);
114 if (rc) {
115 ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n", rc);
116 goto out;
117 }
118
119 out:
120 ksmbd_release_crypto_ctx(ctx);
121 return rc;
122 }
123
calc_ntlmv2_hash(struct ksmbd_conn * conn,struct ksmbd_session * sess,char * ntlmv2_hash,char * dname)124 static int calc_ntlmv2_hash(struct ksmbd_conn *conn, struct ksmbd_session *sess,
125 char *ntlmv2_hash, char *dname)
126 {
127 int ret, len, conv_len;
128 wchar_t *domain = NULL;
129 __le16 *uniname = NULL;
130 struct ksmbd_crypto_ctx *ctx;
131
132 ctx = ksmbd_crypto_ctx_find_hmacmd5();
133 if (!ctx) {
134 ksmbd_debug(AUTH, "can't generate ntlmv2 hash\n");
135 return -ENOMEM;
136 }
137
138 ret = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
139 user_passkey(sess->user),
140 CIFS_ENCPWD_SIZE);
141 if (ret) {
142 ksmbd_debug(AUTH, "Could not set NT Hash as a key\n");
143 goto out;
144 }
145
146 ret = crypto_shash_init(CRYPTO_HMACMD5(ctx));
147 if (ret) {
148 ksmbd_debug(AUTH, "could not init hmacmd5\n");
149 goto out;
150 }
151
152 /* convert user_name to unicode */
153 len = strlen(user_name(sess->user));
154 uniname = kzalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
155 if (!uniname) {
156 ret = -ENOMEM;
157 goto out;
158 }
159
160 conv_len = smb_strtoUTF16(uniname, user_name(sess->user), len,
161 conn->local_nls);
162 if (conv_len < 0 || conv_len > len) {
163 ret = -EINVAL;
164 goto out;
165 }
166 UniStrupr(uniname);
167
168 ret = crypto_shash_update(CRYPTO_HMACMD5(ctx),
169 (char *)uniname,
170 UNICODE_LEN(conv_len));
171 if (ret) {
172 ksmbd_debug(AUTH, "Could not update with user\n");
173 goto out;
174 }
175
176 /* Convert domain name or conn name to unicode and uppercase */
177 len = strlen(dname);
178 domain = kzalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
179 if (!domain) {
180 ret = -ENOMEM;
181 goto out;
182 }
183
184 conv_len = smb_strtoUTF16((__le16 *)domain, dname, len,
185 conn->local_nls);
186 if (conv_len < 0 || conv_len > len) {
187 ret = -EINVAL;
188 goto out;
189 }
190
191 ret = crypto_shash_update(CRYPTO_HMACMD5(ctx),
192 (char *)domain,
193 UNICODE_LEN(conv_len));
194 if (ret) {
195 ksmbd_debug(AUTH, "Could not update with domain\n");
196 goto out;
197 }
198
199 ret = crypto_shash_final(CRYPTO_HMACMD5(ctx), ntlmv2_hash);
200 if (ret)
201 ksmbd_debug(AUTH, "Could not generate md5 hash\n");
202 out:
203 kfree(uniname);
204 kfree(domain);
205 ksmbd_release_crypto_ctx(ctx);
206 return ret;
207 }
208
209 /**
210 * ksmbd_auth_ntlmv2() - NTLMv2 authentication handler
211 * @sess: session of connection
212 * @ntlmv2: NTLMv2 challenge response
213 * @blen: NTLMv2 blob length
214 * @domain_name: domain name
215 *
216 * Return: 0 on success, error number on error
217 */
ksmbd_auth_ntlmv2(struct ksmbd_conn * conn,struct ksmbd_session * sess,struct ntlmv2_resp * ntlmv2,int blen,char * domain_name,char * cryptkey)218 int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess,
219 struct ntlmv2_resp *ntlmv2, int blen, char *domain_name,
220 char *cryptkey)
221 {
222 char ntlmv2_hash[CIFS_ENCPWD_SIZE];
223 char ntlmv2_rsp[CIFS_HMAC_MD5_HASH_SIZE];
224 struct ksmbd_crypto_ctx *ctx;
225 char *construct = NULL;
226 int rc, len;
227
228 ctx = ksmbd_crypto_ctx_find_hmacmd5();
229 if (!ctx) {
230 ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
231 return -ENOMEM;
232 }
233
234 rc = calc_ntlmv2_hash(conn, sess, ntlmv2_hash, domain_name);
235 if (rc) {
236 ksmbd_debug(AUTH, "could not get v2 hash rc %d\n", rc);
237 goto out;
238 }
239
240 rc = crypto_shash_setkey(CRYPTO_HMACMD5_TFM(ctx),
241 ntlmv2_hash,
242 CIFS_HMAC_MD5_HASH_SIZE);
243 if (rc) {
244 ksmbd_debug(AUTH, "Could not set NTLMV2 Hash as a key\n");
245 goto out;
246 }
247
248 rc = crypto_shash_init(CRYPTO_HMACMD5(ctx));
249 if (rc) {
250 ksmbd_debug(AUTH, "Could not init hmacmd5\n");
251 goto out;
252 }
253
254 len = CIFS_CRYPTO_KEY_SIZE + blen;
255 construct = kzalloc(len, GFP_KERNEL);
256 if (!construct) {
257 rc = -ENOMEM;
258 goto out;
259 }
260
261 memcpy(construct, cryptkey, CIFS_CRYPTO_KEY_SIZE);
262 memcpy(construct + CIFS_CRYPTO_KEY_SIZE, &ntlmv2->blob_signature, blen);
263
264 rc = crypto_shash_update(CRYPTO_HMACMD5(ctx), construct, len);
265 if (rc) {
266 ksmbd_debug(AUTH, "Could not update with response\n");
267 goto out;
268 }
269
270 rc = crypto_shash_final(CRYPTO_HMACMD5(ctx), ntlmv2_rsp);
271 if (rc) {
272 ksmbd_debug(AUTH, "Could not generate md5 hash\n");
273 goto out;
274 }
275
276 rc = ksmbd_gen_sess_key(sess, ntlmv2_hash, ntlmv2_rsp);
277 if (rc) {
278 ksmbd_debug(AUTH, "Could not generate sess key\n");
279 goto out;
280 }
281
282 if (memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE) != 0)
283 rc = -EINVAL;
284 out:
285 ksmbd_release_crypto_ctx(ctx);
286 kfree(construct);
287 return rc;
288 }
289
290 /**
291 * ksmbd_decode_ntlmssp_auth_blob() - helper function to construct
292 * authenticate blob
293 * @authblob: authenticate blob source pointer
294 * @usr: user details
295 * @sess: session of connection
296 *
297 * Return: 0 on success, error number on error
298 */
ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message * authblob,int blob_len,struct ksmbd_conn * conn,struct ksmbd_session * sess)299 int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob,
300 int blob_len, struct ksmbd_conn *conn,
301 struct ksmbd_session *sess)
302 {
303 char *domain_name;
304 unsigned int nt_off, dn_off;
305 unsigned short nt_len, dn_len;
306 int ret;
307
308 if (blob_len < sizeof(struct authenticate_message)) {
309 ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
310 blob_len);
311 return -EINVAL;
312 }
313
314 if (memcmp(authblob->Signature, "NTLMSSP", 8)) {
315 ksmbd_debug(AUTH, "blob signature incorrect %s\n",
316 authblob->Signature);
317 return -EINVAL;
318 }
319
320 nt_off = le32_to_cpu(authblob->NtChallengeResponse.BufferOffset);
321 nt_len = le16_to_cpu(authblob->NtChallengeResponse.Length);
322 dn_off = le32_to_cpu(authblob->DomainName.BufferOffset);
323 dn_len = le16_to_cpu(authblob->DomainName.Length);
324
325 if (blob_len < (u64)dn_off + dn_len || blob_len < (u64)nt_off + nt_len)
326 return -EINVAL;
327
328 /* TODO : use domain name that imported from configuration file */
329 domain_name = smb_strndup_from_utf16((const char *)authblob + dn_off,
330 dn_len, true, conn->local_nls);
331 if (IS_ERR(domain_name))
332 return PTR_ERR(domain_name);
333
334 /* process NTLMv2 authentication */
335 ksmbd_debug(AUTH, "decode_ntlmssp_authenticate_blob dname%s\n",
336 domain_name);
337 ret = ksmbd_auth_ntlmv2(conn, sess,
338 (struct ntlmv2_resp *)((char *)authblob + nt_off),
339 nt_len - CIFS_ENCPWD_SIZE,
340 domain_name, conn->ntlmssp.cryptkey);
341 kfree(domain_name);
342
343 /* The recovered secondary session key */
344 if (conn->ntlmssp.client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) {
345 struct arc4_ctx *ctx_arc4;
346 unsigned int sess_key_off, sess_key_len;
347
348 sess_key_off = le32_to_cpu(authblob->SessionKey.BufferOffset);
349 sess_key_len = le16_to_cpu(authblob->SessionKey.Length);
350
351 if (blob_len < (u64)sess_key_off + sess_key_len)
352 return -EINVAL;
353
354 ctx_arc4 = kmalloc(sizeof(*ctx_arc4), GFP_KERNEL);
355 if (!ctx_arc4)
356 return -ENOMEM;
357
358 cifs_arc4_setkey(ctx_arc4, sess->sess_key,
359 SMB2_NTLMV2_SESSKEY_SIZE);
360 cifs_arc4_crypt(ctx_arc4, sess->sess_key,
361 (char *)authblob + sess_key_off, sess_key_len);
362 kfree_sensitive(ctx_arc4);
363 }
364
365 return ret;
366 }
367
368 /**
369 * ksmbd_decode_ntlmssp_neg_blob() - helper function to construct
370 * negotiate blob
371 * @negblob: negotiate blob source pointer
372 * @rsp: response header pointer to be updated
373 * @sess: session of connection
374 *
375 */
ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message * negblob,int blob_len,struct ksmbd_conn * conn)376 int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob,
377 int blob_len, struct ksmbd_conn *conn)
378 {
379 if (blob_len < sizeof(struct negotiate_message)) {
380 ksmbd_debug(AUTH, "negotiate blob len %d too small\n",
381 blob_len);
382 return -EINVAL;
383 }
384
385 if (memcmp(negblob->Signature, "NTLMSSP", 8)) {
386 ksmbd_debug(AUTH, "blob signature incorrect %s\n",
387 negblob->Signature);
388 return -EINVAL;
389 }
390
391 conn->ntlmssp.client_flags = le32_to_cpu(negblob->NegotiateFlags);
392 return 0;
393 }
394
395 /**
396 * ksmbd_build_ntlmssp_challenge_blob() - helper function to construct
397 * challenge blob
398 * @chgblob: challenge blob source pointer to initialize
399 * @rsp: response header pointer to be updated
400 * @sess: session of connection
401 *
402 */
403 unsigned int
ksmbd_build_ntlmssp_challenge_blob(struct challenge_message * chgblob,struct ksmbd_conn * conn)404 ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,
405 struct ksmbd_conn *conn)
406 {
407 struct target_info *tinfo;
408 wchar_t *name;
409 __u8 *target_name;
410 unsigned int flags, blob_off, blob_len, type, target_info_len = 0;
411 int len, uni_len, conv_len;
412 int cflags = conn->ntlmssp.client_flags;
413
414 memcpy(chgblob->Signature, NTLMSSP_SIGNATURE, 8);
415 chgblob->MessageType = NtLmChallenge;
416
417 flags = NTLMSSP_NEGOTIATE_UNICODE |
418 NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_TARGET_TYPE_SERVER |
419 NTLMSSP_NEGOTIATE_TARGET_INFO;
420
421 if (cflags & NTLMSSP_NEGOTIATE_SIGN) {
422 flags |= NTLMSSP_NEGOTIATE_SIGN;
423 flags |= cflags & (NTLMSSP_NEGOTIATE_128 |
424 NTLMSSP_NEGOTIATE_56);
425 }
426
427 if (cflags & NTLMSSP_NEGOTIATE_SEAL && smb3_encryption_negotiated(conn))
428 flags |= NTLMSSP_NEGOTIATE_SEAL;
429
430 if (cflags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)
431 flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
432
433 if (cflags & NTLMSSP_REQUEST_TARGET)
434 flags |= NTLMSSP_REQUEST_TARGET;
435
436 if (conn->use_spnego &&
437 (cflags & NTLMSSP_NEGOTIATE_EXTENDED_SEC))
438 flags |= NTLMSSP_NEGOTIATE_EXTENDED_SEC;
439
440 if (cflags & NTLMSSP_NEGOTIATE_KEY_XCH)
441 flags |= NTLMSSP_NEGOTIATE_KEY_XCH;
442
443 chgblob->NegotiateFlags = cpu_to_le32(flags);
444 len = strlen(ksmbd_netbios_name());
445 name = kmalloc(2 + UNICODE_LEN(len), GFP_KERNEL);
446 if (!name)
447 return -ENOMEM;
448
449 conv_len = smb_strtoUTF16((__le16 *)name, ksmbd_netbios_name(), len,
450 conn->local_nls);
451 if (conv_len < 0 || conv_len > len) {
452 kfree(name);
453 return -EINVAL;
454 }
455
456 uni_len = UNICODE_LEN(conv_len);
457
458 blob_off = sizeof(struct challenge_message);
459 blob_len = blob_off + uni_len;
460
461 chgblob->TargetName.Length = cpu_to_le16(uni_len);
462 chgblob->TargetName.MaximumLength = cpu_to_le16(uni_len);
463 chgblob->TargetName.BufferOffset = cpu_to_le32(blob_off);
464
465 /* Initialize random conn challenge */
466 get_random_bytes(conn->ntlmssp.cryptkey, sizeof(__u64));
467 memcpy(chgblob->Challenge, conn->ntlmssp.cryptkey,
468 CIFS_CRYPTO_KEY_SIZE);
469
470 /* Add Target Information to security buffer */
471 chgblob->TargetInfoArray.BufferOffset = cpu_to_le32(blob_len);
472
473 target_name = (__u8 *)chgblob + blob_off;
474 memcpy(target_name, name, uni_len);
475 tinfo = (struct target_info *)(target_name + uni_len);
476
477 chgblob->TargetInfoArray.Length = 0;
478 /* Add target info list for NetBIOS/DNS settings */
479 for (type = NTLMSSP_AV_NB_COMPUTER_NAME;
480 type <= NTLMSSP_AV_DNS_DOMAIN_NAME; type++) {
481 tinfo->Type = cpu_to_le16(type);
482 tinfo->Length = cpu_to_le16(uni_len);
483 memcpy(tinfo->Content, name, uni_len);
484 tinfo = (struct target_info *)((char *)tinfo + 4 + uni_len);
485 target_info_len += 4 + uni_len;
486 }
487
488 /* Add terminator subblock */
489 tinfo->Type = 0;
490 tinfo->Length = 0;
491 target_info_len += 4;
492
493 chgblob->TargetInfoArray.Length = cpu_to_le16(target_info_len);
494 chgblob->TargetInfoArray.MaximumLength = cpu_to_le16(target_info_len);
495 blob_len += target_info_len;
496 kfree(name);
497 ksmbd_debug(AUTH, "NTLMSSP SecurityBufferLength %d\n", blob_len);
498 return blob_len;
499 }
500
501 #ifdef CONFIG_SMB_SERVER_KERBEROS5
ksmbd_krb5_authenticate(struct ksmbd_session * sess,char * in_blob,int in_len,char * out_blob,int * out_len)502 int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
503 int in_len, char *out_blob, int *out_len)
504 {
505 struct ksmbd_spnego_authen_response *resp;
506 struct ksmbd_user *user = NULL;
507 int retval;
508
509 resp = ksmbd_ipc_spnego_authen_request(in_blob, in_len);
510 if (!resp) {
511 ksmbd_debug(AUTH, "SPNEGO_AUTHEN_REQUEST failure\n");
512 return -EINVAL;
513 }
514
515 if (!(resp->login_response.status & KSMBD_USER_FLAG_OK)) {
516 ksmbd_debug(AUTH, "krb5 authentication failure\n");
517 retval = -EPERM;
518 goto out;
519 }
520
521 if (*out_len <= resp->spnego_blob_len) {
522 ksmbd_debug(AUTH, "buf len %d, but blob len %d\n",
523 *out_len, resp->spnego_blob_len);
524 retval = -EINVAL;
525 goto out;
526 }
527
528 if (resp->session_key_len > sizeof(sess->sess_key)) {
529 ksmbd_debug(AUTH, "session key is too long\n");
530 retval = -EINVAL;
531 goto out;
532 }
533
534 user = ksmbd_alloc_user(&resp->login_response);
535 if (!user) {
536 ksmbd_debug(AUTH, "login failure\n");
537 retval = -ENOMEM;
538 goto out;
539 }
540 sess->user = user;
541
542 memcpy(sess->sess_key, resp->payload, resp->session_key_len);
543 memcpy(out_blob, resp->payload + resp->session_key_len,
544 resp->spnego_blob_len);
545 *out_len = resp->spnego_blob_len;
546 retval = 0;
547 out:
548 kvfree(resp);
549 return retval;
550 }
551 #else
ksmbd_krb5_authenticate(struct ksmbd_session * sess,char * in_blob,int in_len,char * out_blob,int * out_len)552 int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,
553 int in_len, char *out_blob, int *out_len)
554 {
555 return -EOPNOTSUPP;
556 }
557 #endif
558
559 /**
560 * ksmbd_sign_smb2_pdu() - function to generate packet signing
561 * @conn: connection
562 * @key: signing key
563 * @iov: buffer iov array
564 * @n_vec: number of iovecs
565 * @sig: signature value generated for client request packet
566 *
567 */
ksmbd_sign_smb2_pdu(struct ksmbd_conn * conn,char * key,struct kvec * iov,int n_vec,char * sig)568 int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
569 int n_vec, char *sig)
570 {
571 struct ksmbd_crypto_ctx *ctx;
572 int rc, i;
573
574 ctx = ksmbd_crypto_ctx_find_hmacsha256();
575 if (!ctx) {
576 ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
577 return -ENOMEM;
578 }
579
580 rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),
581 key,
582 SMB2_NTLMV2_SESSKEY_SIZE);
583 if (rc)
584 goto out;
585
586 rc = crypto_shash_init(CRYPTO_HMACSHA256(ctx));
587 if (rc) {
588 ksmbd_debug(AUTH, "hmacsha256 init error %d\n", rc);
589 goto out;
590 }
591
592 for (i = 0; i < n_vec; i++) {
593 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),
594 iov[i].iov_base,
595 iov[i].iov_len);
596 if (rc) {
597 ksmbd_debug(AUTH, "hmacsha256 update error %d\n", rc);
598 goto out;
599 }
600 }
601
602 rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), sig);
603 if (rc)
604 ksmbd_debug(AUTH, "hmacsha256 generation error %d\n", rc);
605 out:
606 ksmbd_release_crypto_ctx(ctx);
607 return rc;
608 }
609
610 /**
611 * ksmbd_sign_smb3_pdu() - function to generate packet signing
612 * @conn: connection
613 * @key: signing key
614 * @iov: buffer iov array
615 * @n_vec: number of iovecs
616 * @sig: signature value generated for client request packet
617 *
618 */
ksmbd_sign_smb3_pdu(struct ksmbd_conn * conn,char * key,struct kvec * iov,int n_vec,char * sig)619 int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,
620 int n_vec, char *sig)
621 {
622 struct ksmbd_crypto_ctx *ctx;
623 int rc, i;
624
625 ctx = ksmbd_crypto_ctx_find_cmacaes();
626 if (!ctx) {
627 ksmbd_debug(AUTH, "could not crypto alloc cmac\n");
628 return -ENOMEM;
629 }
630
631 rc = crypto_shash_setkey(CRYPTO_CMACAES_TFM(ctx),
632 key,
633 SMB2_CMACAES_SIZE);
634 if (rc)
635 goto out;
636
637 rc = crypto_shash_init(CRYPTO_CMACAES(ctx));
638 if (rc) {
639 ksmbd_debug(AUTH, "cmaces init error %d\n", rc);
640 goto out;
641 }
642
643 for (i = 0; i < n_vec; i++) {
644 rc = crypto_shash_update(CRYPTO_CMACAES(ctx),
645 iov[i].iov_base,
646 iov[i].iov_len);
647 if (rc) {
648 ksmbd_debug(AUTH, "cmaces update error %d\n", rc);
649 goto out;
650 }
651 }
652
653 rc = crypto_shash_final(CRYPTO_CMACAES(ctx), sig);
654 if (rc)
655 ksmbd_debug(AUTH, "cmaces generation error %d\n", rc);
656 out:
657 ksmbd_release_crypto_ctx(ctx);
658 return rc;
659 }
660
661 struct derivation {
662 struct kvec label;
663 struct kvec context;
664 bool binding;
665 };
666
generate_key(struct ksmbd_conn * conn,struct ksmbd_session * sess,struct kvec label,struct kvec context,__u8 * key,unsigned int key_size)667 static int generate_key(struct ksmbd_conn *conn, struct ksmbd_session *sess,
668 struct kvec label, struct kvec context, __u8 *key,
669 unsigned int key_size)
670 {
671 unsigned char zero = 0x0;
672 __u8 i[4] = {0, 0, 0, 1};
673 __u8 L128[4] = {0, 0, 0, 128};
674 __u8 L256[4] = {0, 0, 1, 0};
675 int rc;
676 unsigned char prfhash[SMB2_HMACSHA256_SIZE];
677 unsigned char *hashptr = prfhash;
678 struct ksmbd_crypto_ctx *ctx;
679
680 memset(prfhash, 0x0, SMB2_HMACSHA256_SIZE);
681 memset(key, 0x0, key_size);
682
683 ctx = ksmbd_crypto_ctx_find_hmacsha256();
684 if (!ctx) {
685 ksmbd_debug(AUTH, "could not crypto alloc hmacmd5\n");
686 return -ENOMEM;
687 }
688
689 rc = crypto_shash_setkey(CRYPTO_HMACSHA256_TFM(ctx),
690 sess->sess_key,
691 SMB2_NTLMV2_SESSKEY_SIZE);
692 if (rc)
693 goto smb3signkey_ret;
694
695 rc = crypto_shash_init(CRYPTO_HMACSHA256(ctx));
696 if (rc) {
697 ksmbd_debug(AUTH, "hmacsha256 init error %d\n", rc);
698 goto smb3signkey_ret;
699 }
700
701 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), i, 4);
702 if (rc) {
703 ksmbd_debug(AUTH, "could not update with n\n");
704 goto smb3signkey_ret;
705 }
706
707 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),
708 label.iov_base,
709 label.iov_len);
710 if (rc) {
711 ksmbd_debug(AUTH, "could not update with label\n");
712 goto smb3signkey_ret;
713 }
714
715 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), &zero, 1);
716 if (rc) {
717 ksmbd_debug(AUTH, "could not update with zero\n");
718 goto smb3signkey_ret;
719 }
720
721 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx),
722 context.iov_base,
723 context.iov_len);
724 if (rc) {
725 ksmbd_debug(AUTH, "could not update with context\n");
726 goto smb3signkey_ret;
727 }
728
729 if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
730 conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
731 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L256, 4);
732 else
733 rc = crypto_shash_update(CRYPTO_HMACSHA256(ctx), L128, 4);
734 if (rc) {
735 ksmbd_debug(AUTH, "could not update with L\n");
736 goto smb3signkey_ret;
737 }
738
739 rc = crypto_shash_final(CRYPTO_HMACSHA256(ctx), hashptr);
740 if (rc) {
741 ksmbd_debug(AUTH, "Could not generate hmacmd5 hash error %d\n",
742 rc);
743 goto smb3signkey_ret;
744 }
745
746 memcpy(key, hashptr, key_size);
747
748 smb3signkey_ret:
749 ksmbd_release_crypto_ctx(ctx);
750 return rc;
751 }
752
generate_smb3signingkey(struct ksmbd_session * sess,struct ksmbd_conn * conn,const struct derivation * signing)753 static int generate_smb3signingkey(struct ksmbd_session *sess,
754 struct ksmbd_conn *conn,
755 const struct derivation *signing)
756 {
757 int rc;
758 struct channel *chann;
759 char *key;
760
761 chann = lookup_chann_list(sess, conn);
762 if (!chann)
763 return 0;
764
765 if (conn->dialect >= SMB30_PROT_ID && signing->binding)
766 key = chann->smb3signingkey;
767 else
768 key = sess->smb3signingkey;
769
770 rc = generate_key(conn, sess, signing->label, signing->context, key,
771 SMB3_SIGN_KEY_SIZE);
772 if (rc)
773 return rc;
774
775 if (!(conn->dialect >= SMB30_PROT_ID && signing->binding))
776 memcpy(chann->smb3signingkey, key, SMB3_SIGN_KEY_SIZE);
777
778 ksmbd_debug(AUTH, "dumping generated AES signing keys\n");
779 ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
780 ksmbd_debug(AUTH, "Session Key %*ph\n",
781 SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
782 ksmbd_debug(AUTH, "Signing Key %*ph\n",
783 SMB3_SIGN_KEY_SIZE, key);
784 return 0;
785 }
786
ksmbd_gen_smb30_signingkey(struct ksmbd_session * sess,struct ksmbd_conn * conn)787 int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,
788 struct ksmbd_conn *conn)
789 {
790 struct derivation d;
791
792 d.label.iov_base = "SMB2AESCMAC";
793 d.label.iov_len = 12;
794 d.context.iov_base = "SmbSign";
795 d.context.iov_len = 8;
796 d.binding = conn->binding;
797
798 return generate_smb3signingkey(sess, conn, &d);
799 }
800
ksmbd_gen_smb311_signingkey(struct ksmbd_session * sess,struct ksmbd_conn * conn)801 int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,
802 struct ksmbd_conn *conn)
803 {
804 struct derivation d;
805
806 d.label.iov_base = "SMBSigningKey";
807 d.label.iov_len = 14;
808 if (conn->binding) {
809 struct preauth_session *preauth_sess;
810
811 preauth_sess = ksmbd_preauth_session_lookup(conn, sess->id);
812 if (!preauth_sess)
813 return -ENOENT;
814 d.context.iov_base = preauth_sess->Preauth_HashValue;
815 } else {
816 d.context.iov_base = sess->Preauth_HashValue;
817 }
818 d.context.iov_len = 64;
819 d.binding = conn->binding;
820
821 return generate_smb3signingkey(sess, conn, &d);
822 }
823
824 struct derivation_twin {
825 struct derivation encryption;
826 struct derivation decryption;
827 };
828
generate_smb3encryptionkey(struct ksmbd_conn * conn,struct ksmbd_session * sess,const struct derivation_twin * ptwin)829 static int generate_smb3encryptionkey(struct ksmbd_conn *conn,
830 struct ksmbd_session *sess,
831 const struct derivation_twin *ptwin)
832 {
833 int rc;
834
835 rc = generate_key(conn, sess, ptwin->encryption.label,
836 ptwin->encryption.context, sess->smb3encryptionkey,
837 SMB3_ENC_DEC_KEY_SIZE);
838 if (rc)
839 return rc;
840
841 rc = generate_key(conn, sess, ptwin->decryption.label,
842 ptwin->decryption.context,
843 sess->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE);
844 if (rc)
845 return rc;
846
847 ksmbd_debug(AUTH, "dumping generated AES encryption keys\n");
848 ksmbd_debug(AUTH, "Cipher type %d\n", conn->cipher_type);
849 ksmbd_debug(AUTH, "Session Id %llu\n", sess->id);
850 ksmbd_debug(AUTH, "Session Key %*ph\n",
851 SMB2_NTLMV2_SESSKEY_SIZE, sess->sess_key);
852 if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
853 conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
854 ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
855 SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3encryptionkey);
856 ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
857 SMB3_GCM256_CRYPTKEY_SIZE, sess->smb3decryptionkey);
858 } else {
859 ksmbd_debug(AUTH, "ServerIn Key %*ph\n",
860 SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3encryptionkey);
861 ksmbd_debug(AUTH, "ServerOut Key %*ph\n",
862 SMB3_GCM128_CRYPTKEY_SIZE, sess->smb3decryptionkey);
863 }
864 return 0;
865 }
866
ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn * conn,struct ksmbd_session * sess)867 int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn,
868 struct ksmbd_session *sess)
869 {
870 struct derivation_twin twin;
871 struct derivation *d;
872
873 d = &twin.encryption;
874 d->label.iov_base = "SMB2AESCCM";
875 d->label.iov_len = 11;
876 d->context.iov_base = "ServerOut";
877 d->context.iov_len = 10;
878
879 d = &twin.decryption;
880 d->label.iov_base = "SMB2AESCCM";
881 d->label.iov_len = 11;
882 d->context.iov_base = "ServerIn ";
883 d->context.iov_len = 10;
884
885 return generate_smb3encryptionkey(conn, sess, &twin);
886 }
887
ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn * conn,struct ksmbd_session * sess)888 int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn,
889 struct ksmbd_session *sess)
890 {
891 struct derivation_twin twin;
892 struct derivation *d;
893
894 d = &twin.encryption;
895 d->label.iov_base = "SMBS2CCipherKey";
896 d->label.iov_len = 16;
897 d->context.iov_base = sess->Preauth_HashValue;
898 d->context.iov_len = 64;
899
900 d = &twin.decryption;
901 d->label.iov_base = "SMBC2SCipherKey";
902 d->label.iov_len = 16;
903 d->context.iov_base = sess->Preauth_HashValue;
904 d->context.iov_len = 64;
905
906 return generate_smb3encryptionkey(conn, sess, &twin);
907 }
908
ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn * conn,char * buf,__u8 * pi_hash)909 int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf,
910 __u8 *pi_hash)
911 {
912 int rc;
913 struct smb2_hdr *rcv_hdr = smb2_get_msg(buf);
914 char *all_bytes_msg = (char *)&rcv_hdr->ProtocolId;
915 int msg_size = get_rfc1002_len(buf);
916 struct ksmbd_crypto_ctx *ctx = NULL;
917
918 if (conn->preauth_info->Preauth_HashId !=
919 SMB2_PREAUTH_INTEGRITY_SHA512)
920 return -EINVAL;
921
922 ctx = ksmbd_crypto_ctx_find_sha512();
923 if (!ctx) {
924 ksmbd_debug(AUTH, "could not alloc sha512\n");
925 return -ENOMEM;
926 }
927
928 rc = crypto_shash_init(CRYPTO_SHA512(ctx));
929 if (rc) {
930 ksmbd_debug(AUTH, "could not init shashn");
931 goto out;
932 }
933
934 rc = crypto_shash_update(CRYPTO_SHA512(ctx), pi_hash, 64);
935 if (rc) {
936 ksmbd_debug(AUTH, "could not update with n\n");
937 goto out;
938 }
939
940 rc = crypto_shash_update(CRYPTO_SHA512(ctx), all_bytes_msg, msg_size);
941 if (rc) {
942 ksmbd_debug(AUTH, "could not update with n\n");
943 goto out;
944 }
945
946 rc = crypto_shash_final(CRYPTO_SHA512(ctx), pi_hash);
947 if (rc) {
948 ksmbd_debug(AUTH, "Could not generate hash err : %d\n", rc);
949 goto out;
950 }
951 out:
952 ksmbd_release_crypto_ctx(ctx);
953 return rc;
954 }
955
ksmbd_gen_sd_hash(struct ksmbd_conn * conn,char * sd_buf,int len,__u8 * pi_hash)956 int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len,
957 __u8 *pi_hash)
958 {
959 int rc;
960 struct ksmbd_crypto_ctx *ctx = NULL;
961
962 ctx = ksmbd_crypto_ctx_find_sha256();
963 if (!ctx) {
964 ksmbd_debug(AUTH, "could not alloc sha256\n");
965 return -ENOMEM;
966 }
967
968 rc = crypto_shash_init(CRYPTO_SHA256(ctx));
969 if (rc) {
970 ksmbd_debug(AUTH, "could not init shashn");
971 goto out;
972 }
973
974 rc = crypto_shash_update(CRYPTO_SHA256(ctx), sd_buf, len);
975 if (rc) {
976 ksmbd_debug(AUTH, "could not update with n\n");
977 goto out;
978 }
979
980 rc = crypto_shash_final(CRYPTO_SHA256(ctx), pi_hash);
981 if (rc) {
982 ksmbd_debug(AUTH, "Could not generate hash err : %d\n", rc);
983 goto out;
984 }
985 out:
986 ksmbd_release_crypto_ctx(ctx);
987 return rc;
988 }
989
ksmbd_get_encryption_key(struct ksmbd_work * work,__u64 ses_id,int enc,u8 * key)990 static int ksmbd_get_encryption_key(struct ksmbd_work *work, __u64 ses_id,
991 int enc, u8 *key)
992 {
993 struct ksmbd_session *sess;
994 u8 *ses_enc_key;
995
996 if (enc)
997 sess = work->sess;
998 else
999 sess = ksmbd_session_lookup_all(work->conn, ses_id);
1000 if (!sess)
1001 return -EINVAL;
1002
1003 ses_enc_key = enc ? sess->smb3encryptionkey :
1004 sess->smb3decryptionkey;
1005 memcpy(key, ses_enc_key, SMB3_ENC_DEC_KEY_SIZE);
1006
1007 return 0;
1008 }
1009
smb2_sg_set_buf(struct scatterlist * sg,const void * buf,unsigned int buflen)1010 static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
1011 unsigned int buflen)
1012 {
1013 void *addr;
1014
1015 if (is_vmalloc_addr(buf))
1016 addr = vmalloc_to_page(buf);
1017 else
1018 addr = virt_to_page(buf);
1019 sg_set_page(sg, addr, buflen, offset_in_page(buf));
1020 }
1021
ksmbd_init_sg(struct kvec * iov,unsigned int nvec,u8 * sign)1022 static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec,
1023 u8 *sign)
1024 {
1025 struct scatterlist *sg;
1026 unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
1027 int i, nr_entries[3] = {0}, total_entries = 0, sg_idx = 0;
1028
1029 if (!nvec)
1030 return NULL;
1031
1032 for (i = 0; i < nvec - 1; i++) {
1033 unsigned long kaddr = (unsigned long)iov[i + 1].iov_base;
1034
1035 if (is_vmalloc_addr(iov[i + 1].iov_base)) {
1036 nr_entries[i] = ((kaddr + iov[i + 1].iov_len +
1037 PAGE_SIZE - 1) >> PAGE_SHIFT) -
1038 (kaddr >> PAGE_SHIFT);
1039 } else {
1040 nr_entries[i]++;
1041 }
1042 total_entries += nr_entries[i];
1043 }
1044
1045 /* Add two entries for transform header and signature */
1046 total_entries += 2;
1047
1048 sg = kmalloc_array(total_entries, sizeof(struct scatterlist), GFP_KERNEL);
1049 if (!sg)
1050 return NULL;
1051
1052 sg_init_table(sg, total_entries);
1053 smb2_sg_set_buf(&sg[sg_idx++], iov[0].iov_base + 24, assoc_data_len);
1054 for (i = 0; i < nvec - 1; i++) {
1055 void *data = iov[i + 1].iov_base;
1056 int len = iov[i + 1].iov_len;
1057
1058 if (is_vmalloc_addr(data)) {
1059 int j, offset = offset_in_page(data);
1060
1061 for (j = 0; j < nr_entries[i]; j++) {
1062 unsigned int bytes = PAGE_SIZE - offset;
1063
1064 if (!len)
1065 break;
1066
1067 if (bytes > len)
1068 bytes = len;
1069
1070 sg_set_page(&sg[sg_idx++],
1071 vmalloc_to_page(data), bytes,
1072 offset_in_page(data));
1073
1074 data += bytes;
1075 len -= bytes;
1076 offset = 0;
1077 }
1078 } else {
1079 sg_set_page(&sg[sg_idx++], virt_to_page(data), len,
1080 offset_in_page(data));
1081 }
1082 }
1083 smb2_sg_set_buf(&sg[sg_idx], sign, SMB2_SIGNATURE_SIZE);
1084 return sg;
1085 }
1086
ksmbd_crypt_message(struct ksmbd_work * work,struct kvec * iov,unsigned int nvec,int enc)1087 int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,
1088 unsigned int nvec, int enc)
1089 {
1090 struct ksmbd_conn *conn = work->conn;
1091 struct smb2_transform_hdr *tr_hdr = smb2_get_msg(iov[0].iov_base);
1092 unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
1093 int rc;
1094 struct scatterlist *sg;
1095 u8 sign[SMB2_SIGNATURE_SIZE] = {};
1096 u8 key[SMB3_ENC_DEC_KEY_SIZE];
1097 struct aead_request *req;
1098 char *iv;
1099 unsigned int iv_len;
1100 struct crypto_aead *tfm;
1101 unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
1102 struct ksmbd_crypto_ctx *ctx;
1103
1104 rc = ksmbd_get_encryption_key(work,
1105 le64_to_cpu(tr_hdr->SessionId),
1106 enc,
1107 key);
1108 if (rc) {
1109 pr_err("Could not get %scryption key\n", enc ? "en" : "de");
1110 return rc;
1111 }
1112
1113 if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
1114 conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
1115 ctx = ksmbd_crypto_ctx_find_gcm();
1116 else
1117 ctx = ksmbd_crypto_ctx_find_ccm();
1118 if (!ctx) {
1119 pr_err("crypto alloc failed\n");
1120 return -ENOMEM;
1121 }
1122
1123 if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
1124 conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
1125 tfm = CRYPTO_GCM(ctx);
1126 else
1127 tfm = CRYPTO_CCM(ctx);
1128
1129 if (conn->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||
1130 conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
1131 rc = crypto_aead_setkey(tfm, key, SMB3_GCM256_CRYPTKEY_SIZE);
1132 else
1133 rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE);
1134 if (rc) {
1135 pr_err("Failed to set aead key %d\n", rc);
1136 goto free_ctx;
1137 }
1138
1139 rc = crypto_aead_setauthsize(tfm, SMB2_SIGNATURE_SIZE);
1140 if (rc) {
1141 pr_err("Failed to set authsize %d\n", rc);
1142 goto free_ctx;
1143 }
1144
1145 req = aead_request_alloc(tfm, GFP_KERNEL);
1146 if (!req) {
1147 rc = -ENOMEM;
1148 goto free_ctx;
1149 }
1150
1151 if (!enc) {
1152 memcpy(sign, &tr_hdr->Signature, SMB2_SIGNATURE_SIZE);
1153 crypt_len += SMB2_SIGNATURE_SIZE;
1154 }
1155
1156 sg = ksmbd_init_sg(iov, nvec, sign);
1157 if (!sg) {
1158 pr_err("Failed to init sg\n");
1159 rc = -ENOMEM;
1160 goto free_req;
1161 }
1162
1163 iv_len = crypto_aead_ivsize(tfm);
1164 iv = kzalloc(iv_len, GFP_KERNEL);
1165 if (!iv) {
1166 rc = -ENOMEM;
1167 goto free_sg;
1168 }
1169
1170 if (conn->cipher_type == SMB2_ENCRYPTION_AES128_GCM ||
1171 conn->cipher_type == SMB2_ENCRYPTION_AES256_GCM) {
1172 memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES_GCM_NONCE);
1173 } else {
1174 iv[0] = 3;
1175 memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES_CCM_NONCE);
1176 }
1177
1178 aead_request_set_crypt(req, sg, sg, crypt_len, iv);
1179 aead_request_set_ad(req, assoc_data_len);
1180 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
1181
1182 if (enc)
1183 rc = crypto_aead_encrypt(req);
1184 else
1185 rc = crypto_aead_decrypt(req);
1186 if (rc)
1187 goto free_iv;
1188
1189 if (enc)
1190 memcpy(&tr_hdr->Signature, sign, SMB2_SIGNATURE_SIZE);
1191
1192 free_iv:
1193 kfree(iv);
1194 free_sg:
1195 kfree(sg);
1196 free_req:
1197 kfree(req);
1198 free_ctx:
1199 ksmbd_release_crypto_ctx(ctx);
1200 return rc;
1201 }
1202
