diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2024-03-21 11:21:47 -0400 |
|---|---|---|
| committer | Chuck Lever <chuck.lever@oracle.com> | 2024-03-22 09:52:00 -0400 |
| commit | 6978bd6a913825eaf06629a02fc820d240d5fec6 (patch) | |
| tree | 87b62408b20438b9a78cfa4d497142335e1e5857 | |
| parent | 9fe6e9e7b58944037714442384075c17cfde1c56 (diff) | |
| download | linux-6978bd6a913825eaf06629a02fc820d240d5fec6.tar.gz | |
SUNRPC: Revert 561141dd494382217bace4d1a51d08168420eace
Scott reports an occasional scatterlist BUG that is triggered by the
RFC 8009 Kunit test, then says:
> Looking through the git history of the auth_gss code, there are various
> places where static buffers were replaced by dynamically allocated ones
> because they're being used with scatterlists.
Reported-by: Scott Mayhew <smayhew@redhat.com>
Fixes: 561141dd4943 ("SUNRPC: Use a static buffer for the checksum initialization vector")
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
| -rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_crypto.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index b2c1b683a88ee..d2b02710ab070 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c @@ -921,8 +921,6 @@ out_err: * Caller provides the truncation length of the output token (h) in * cksumout.len. * - * Note that for RPCSEC, the "initial cipher state" is always all zeroes. - * * Return values: * %GSS_S_COMPLETE: Digest computed, @cksumout filled in * %GSS_S_FAILURE: Call failed @@ -933,19 +931,22 @@ u32 krb5_etm_checksum(struct crypto_sync_skcipher *cipher, int body_offset, struct xdr_netobj *cksumout) { unsigned int ivsize = crypto_sync_skcipher_ivsize(cipher); - static const u8 iv[GSS_KRB5_MAX_BLOCKSIZE]; struct ahash_request *req; struct scatterlist sg[1]; + u8 *iv, *checksumdata; int err = -ENOMEM; - u8 *checksumdata; checksumdata = kmalloc(crypto_ahash_digestsize(tfm), GFP_KERNEL); if (!checksumdata) return GSS_S_FAILURE; + /* For RPCSEC, the "initial cipher state" is always all zeroes. */ + iv = kzalloc(ivsize, GFP_KERNEL); + if (!iv) + goto out_free_mem; req = ahash_request_alloc(tfm, GFP_KERNEL); if (!req) - goto out_free_cksumdata; + goto out_free_mem; ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); err = crypto_ahash_init(req); if (err) @@ -969,7 +970,8 @@ u32 krb5_etm_checksum(struct crypto_sync_skcipher *cipher, out_free_ahash: ahash_request_free(req); -out_free_cksumdata: +out_free_mem: + kfree(iv); kfree_sensitive(checksumdata); return err ? GSS_S_FAILURE : GSS_S_COMPLETE; } |