Commit 0b688cfc authored by Jeff Layton's avatar Jeff Layton Committed by Steve French

cifs: change smb2 signing routines to use smb_rqst structs

Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
Signed-off-by: default avatarSteve French <smfrench@gmail.com>
parent bf5ea0e2
...@@ -1297,6 +1297,8 @@ smb2_readv_callback(struct mid_q_entry *mid) ...@@ -1297,6 +1297,8 @@ smb2_readv_callback(struct mid_q_entry *mid)
struct TCP_Server_Info *server = tcon->ses->server; struct TCP_Server_Info *server = tcon->ses->server;
struct smb2_hdr *buf = (struct smb2_hdr *)rdata->iov[0].iov_base; struct smb2_hdr *buf = (struct smb2_hdr *)rdata->iov[0].iov_base;
unsigned int credits_received = 1; unsigned int credits_received = 1;
struct smb_rqst rqst = { .rq_iov = rdata->iov,
.rq_nvec = rdata->nr_iov };
cFYI(1, "%s: mid=%llu state=%d result=%d bytes=%u", __func__, cFYI(1, "%s: mid=%llu state=%d result=%d bytes=%u", __func__,
mid->mid, mid->mid_state, rdata->result, rdata->bytes); mid->mid, mid->mid_state, rdata->result, rdata->bytes);
...@@ -1309,8 +1311,7 @@ smb2_readv_callback(struct mid_q_entry *mid) ...@@ -1309,8 +1311,7 @@ smb2_readv_callback(struct mid_q_entry *mid)
(SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) { (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED)) {
int rc; int rc;
rc = smb2_verify_signature2(rdata->iov, rdata->nr_iov, rc = smb2_verify_signature(&rqst, server);
server);
if (rc) if (rc)
cERROR(1, "SMB signature verification returned " cERROR(1, "SMB signature verification returned "
"error = %d", rc); "error = %d", rc);
......
...@@ -26,6 +26,7 @@ ...@@ -26,6 +26,7 @@
#include <linux/key-type.h> #include <linux/key-type.h>
struct statfs; struct statfs;
struct smb_rqst;
/* /*
***************************************************************** *****************************************************************
...@@ -39,8 +40,7 @@ extern char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr); ...@@ -39,8 +40,7 @@ extern char *smb2_get_data_area_len(int *off, int *len, struct smb2_hdr *hdr);
extern __le16 *cifs_convert_path_to_utf16(const char *from, extern __le16 *cifs_convert_path_to_utf16(const char *from,
struct cifs_sb_info *cifs_sb); struct cifs_sb_info *cifs_sb);
extern int smb2_verify_signature2(struct kvec *, unsigned int, extern int smb2_verify_signature(struct smb_rqst *, struct TCP_Server_Info *);
struct TCP_Server_Info *);
extern int smb2_check_receive(struct mid_q_entry *mid, extern int smb2_check_receive(struct mid_q_entry *mid,
struct TCP_Server_Info *server, bool log_error); struct TCP_Server_Info *server, bool log_error);
extern int smb2_setup_request(struct cifs_ses *ses, struct kvec *iov, extern int smb2_setup_request(struct cifs_ses *ses, struct kvec *iov,
......
...@@ -39,12 +39,13 @@ ...@@ -39,12 +39,13 @@
#include "smb2glob.h" #include "smb2glob.h"
static int static int
smb2_calc_signature2(const struct kvec *iov, int n_vec, smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
struct TCP_Server_Info *server)
{ {
int i, rc; int i, rc;
unsigned char smb2_signature[SMB2_HMACSHA256_SIZE]; unsigned char smb2_signature[SMB2_HMACSHA256_SIZE];
unsigned char *sigptr = smb2_signature; unsigned char *sigptr = smb2_signature;
struct kvec *iov = rqst->rq_iov;
int n_vec = rqst->rq_nvec;
struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base; struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base;
memset(smb2_signature, 0x0, SMB2_HMACSHA256_SIZE); memset(smb2_signature, 0x0, SMB2_HMACSHA256_SIZE);
...@@ -106,10 +107,10 @@ smb2_calc_signature2(const struct kvec *iov, int n_vec, ...@@ -106,10 +107,10 @@ smb2_calc_signature2(const struct kvec *iov, int n_vec,
/* must be called with server->srv_mutex held */ /* must be called with server->srv_mutex held */
static int static int
smb2_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server) smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server)
{ {
int rc = 0; int rc = 0;
struct smb2_hdr *smb2_pdu = iov[0].iov_base; struct smb2_hdr *smb2_pdu = rqst->rq_iov[0].iov_base;
if (!(smb2_pdu->Flags & SMB2_FLAGS_SIGNED) || if (!(smb2_pdu->Flags & SMB2_FLAGS_SIGNED) ||
server->tcpStatus == CifsNeedNegotiate) server->tcpStatus == CifsNeedNegotiate)
...@@ -120,18 +121,17 @@ smb2_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server) ...@@ -120,18 +121,17 @@ smb2_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server)
return rc; return rc;
} }
rc = smb2_calc_signature2(iov, n_vec, server); rc = smb2_calc_signature(rqst, server);
return rc; return rc;
} }
int int
smb2_verify_signature2(struct kvec *iov, unsigned int n_vec, smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)
struct TCP_Server_Info *server)
{ {
unsigned int rc; unsigned int rc;
char server_response_sig[16]; char server_response_sig[16];
struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base; struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)rqst->rq_iov[0].iov_base;
if ((smb2_pdu->Command == SMB2_NEGOTIATE) || if ((smb2_pdu->Command == SMB2_NEGOTIATE) ||
(smb2_pdu->Command == SMB2_OPLOCK_BREAK) || (smb2_pdu->Command == SMB2_OPLOCK_BREAK) ||
...@@ -157,7 +157,7 @@ smb2_verify_signature2(struct kvec *iov, unsigned int n_vec, ...@@ -157,7 +157,7 @@ smb2_verify_signature2(struct kvec *iov, unsigned int n_vec,
memset(smb2_pdu->Signature, 0, SMB2_SIGNATURE_SIZE); memset(smb2_pdu->Signature, 0, SMB2_SIGNATURE_SIZE);
mutex_lock(&server->srv_mutex); mutex_lock(&server->srv_mutex);
rc = smb2_calc_signature2(iov, n_vec, server); rc = smb2_calc_signature(rqst, server);
mutex_unlock(&server->srv_mutex); mutex_unlock(&server->srv_mutex);
if (rc) if (rc)
...@@ -170,16 +170,6 @@ smb2_verify_signature2(struct kvec *iov, unsigned int n_vec, ...@@ -170,16 +170,6 @@ smb2_verify_signature2(struct kvec *iov, unsigned int n_vec,
return 0; return 0;
} }
static int
smb2_verify_signature(struct smb2_hdr *smb2_pdu, struct TCP_Server_Info *server)
{
struct kvec iov;
iov.iov_base = (char *)smb2_pdu;
iov.iov_len = get_rfc1002_length(smb2_pdu) + 4;
return smb2_verify_signature2(&iov, 1, server);
}
/* /*
* Set message id for the request. Should be called after wait_for_free_request * Set message id for the request. Should be called after wait_for_free_request
* and when srv_mutex is held. * and when srv_mutex is held.
...@@ -258,6 +248,12 @@ smb2_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server, ...@@ -258,6 +248,12 @@ smb2_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
bool log_error) bool log_error)
{ {
unsigned int len = get_rfc1002_length(mid->resp_buf); unsigned int len = get_rfc1002_length(mid->resp_buf);
struct kvec iov;
struct smb_rqst rqst = { .rq_iov = &iov,
.rq_nvec = 1 };
iov.iov_base = (char *)mid->resp_buf;
iov.iov_len = get_rfc1002_length(mid->resp_buf) + 4;
dump_smb(mid->resp_buf, min_t(u32, 80, len)); dump_smb(mid->resp_buf, min_t(u32, 80, len));
/* convert the length into a more usable form */ /* convert the length into a more usable form */
...@@ -265,7 +261,7 @@ smb2_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server, ...@@ -265,7 +261,7 @@ smb2_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server,
(server->sec_mode & (SECMODE_SIGN_REQUIRED|SECMODE_SIGN_ENABLED))) { (server->sec_mode & (SECMODE_SIGN_REQUIRED|SECMODE_SIGN_ENABLED))) {
int rc; int rc;
rc = smb2_verify_signature(mid->resp_buf, server); rc = smb2_verify_signature(&rqst, server);
if (rc) if (rc)
cERROR(1, "SMB signature verification returned error = " cERROR(1, "SMB signature verification returned error = "
"%d", rc); "%d", rc);
...@@ -281,13 +277,15 @@ smb2_setup_request(struct cifs_ses *ses, struct kvec *iov, ...@@ -281,13 +277,15 @@ smb2_setup_request(struct cifs_ses *ses, struct kvec *iov,
int rc; int rc;
struct smb2_hdr *hdr = (struct smb2_hdr *)iov[0].iov_base; struct smb2_hdr *hdr = (struct smb2_hdr *)iov[0].iov_base;
struct mid_q_entry *mid; struct mid_q_entry *mid;
struct smb_rqst rqst = { .rq_iov = iov,
.rq_nvec = nvec };
smb2_seq_num_into_buf(ses->server, hdr); smb2_seq_num_into_buf(ses->server, hdr);
rc = smb2_get_mid_entry(ses, hdr, &mid); rc = smb2_get_mid_entry(ses, hdr, &mid);
if (rc) if (rc)
return rc; return rc;
rc = smb2_sign_smb2(iov, nvec, ses->server); rc = smb2_sign_rqst(&rqst, ses->server);
if (rc) if (rc)
cifs_delete_mid(mid); cifs_delete_mid(mid);
*ret_mid = mid; *ret_mid = mid;
...@@ -301,6 +299,8 @@ smb2_setup_async_request(struct TCP_Server_Info *server, struct kvec *iov, ...@@ -301,6 +299,8 @@ smb2_setup_async_request(struct TCP_Server_Info *server, struct kvec *iov,
int rc = 0; int rc = 0;
struct smb2_hdr *hdr = (struct smb2_hdr *)iov[0].iov_base; struct smb2_hdr *hdr = (struct smb2_hdr *)iov[0].iov_base;
struct mid_q_entry *mid; struct mid_q_entry *mid;
struct smb_rqst rqst = { .rq_iov = iov,
.rq_nvec = nvec };
smb2_seq_num_into_buf(server, hdr); smb2_seq_num_into_buf(server, hdr);
...@@ -308,7 +308,7 @@ smb2_setup_async_request(struct TCP_Server_Info *server, struct kvec *iov, ...@@ -308,7 +308,7 @@ smb2_setup_async_request(struct TCP_Server_Info *server, struct kvec *iov,
if (mid == NULL) if (mid == NULL)
return -ENOMEM; return -ENOMEM;
rc = smb2_sign_smb2(iov, nvec, server); rc = smb2_sign_rqst(&rqst, server);
if (rc) { if (rc) {
DeleteMidQEntry(mid); DeleteMidQEntry(mid);
return rc; return rc;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment