Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2231473/?format=api
{ "id": 2231473, "url": "http://patchwork.ozlabs.org/api/patches/2231473/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260430-kerbmi-v2-1-0b98fe250425@microsoft.com/", "project": { "id": 12, "url": "http://patchwork.ozlabs.org/api/projects/12/?format=api", "name": "Linux CIFS Client", "link_name": "linux-cifs-client", "list_id": "linux-cifs.vger.kernel.org", "list_email": "linux-cifs@vger.kernel.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260430-kerbmi-v2-1-0b98fe250425@microsoft.com>", "list_archive_url": null, "date": "2026-04-30T17:48:23", "name": "[v2,1/2] smb: client: Use FullSessionKey for AES-256 encryption key derivation", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "701badbbb70d5f75138a32e34de4ed66df2fd428", "submitter": { "id": 92318, "url": "http://patchwork.ozlabs.org/api/people/92318/?format=api", "name": "Piyush Sachdeva", "email": "s.piyush1024@gmail.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260430-kerbmi-v2-1-0b98fe250425@microsoft.com/mbox/", "series": [ { "id": 502352, "url": "http://patchwork.ozlabs.org/api/series/502352/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-cifs-client/list/?series=502352", "date": "2026-04-30T17:48:22", "name": "smb: client: Spec-compliance fixes for Kerberos key derivation", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/502352/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2231473/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2231473/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <linux-cifs+bounces-11312-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "linux-cifs@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256\n header.s=20251104 header.b=Qheco9xl;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.234.253.10; helo=sea.lore.kernel.org;\n envelope-from=linux-cifs+bounces-11312-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=\"Qheco9xl\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=209.85.214.179", "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=gmail.com" ], "Received": [ "from sea.lore.kernel.org (sea.lore.kernel.org [172.234.253.10])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g61vR2LHPz1xqf\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 01 May 2026 03:51:47 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id EFA49303CE91\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 17:48:44 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 901F22727FD;\n\tThu, 30 Apr 2026 17:48:44 +0000 (UTC)", "from mail-pl1-f179.google.com (mail-pl1-f179.google.com\n [209.85.214.179])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 22F8F478846\n\tfor <linux-cifs@vger.kernel.org>; Thu, 30 Apr 2026 17:48:43 +0000 (UTC)", "by mail-pl1-f179.google.com with SMTP id\n d9443c01a7336-2a871daa98fso7110585ad.1\n for <linux-cifs@vger.kernel.org>;\n Thu, 30 Apr 2026 10:48:43 -0700 (PDT)", "from localhost ([49.207.150.30])\n by smtp.gmail.com with ESMTPSA id\n d9443c01a7336-2b9caaaec82sm2285365ad.24.2026.04.30.10.48.41\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 30 Apr 2026 10:48:42 -0700 (PDT)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1777571324; cv=none;\n b=osBhKX4FoypZp4G8KR2YwVrS51y539IHfNwox3yGHKjbubYmBjIY1GwKz0ScQrxN+8bCGL6qipmcmv3q0Zpm8cXCWi2oidAjMLSuYcqXsLvdiO/1EupItlbS+PuNz2JjoQVdFyGr1/phC/9VbDHRvD5VX8tBnhG7IlXOVAu0Wyw=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1777571324; c=relaxed/simple;\n\tbh=0dIn3pRB9mFvWh8+m3Q/ynj13bsM4JgCV1C0hx+Z2lY=;\n\th=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References:\n\t In-Reply-To:To:Cc;\n b=hFeRdaqo48FYHJhUcmiwWj0eInl6WUlu9OORclnbh1efveGMu+yb9Tz8p+03TWeyXh6mw8UY+xidtm+6Hc3cOOkt3tvEsgU2Bbsk71ahvLkTi7gqHUWFYAnc0RPAW525oCowwl8DEeUj/6io4Unfe22F8qSlvN052tdqzLx+vlk=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com;\n spf=pass smtp.mailfrom=gmail.com;\n dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=Qheco9xl; arc=none smtp.client-ip=209.85.214.179", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=gmail.com; s=20251104; t=1777571322; x=1778176122;\n darn=vger.kernel.org;\n h=cc:to:in-reply-to:references:message-id:content-transfer-encoding\n :mime-version:subject:date:from:from:to:cc:subject:date:message-id\n :reply-to;\n bh=7951eQ/78Es31REawF8+h8DYhmlO7R1alAiqr8CzZJU=;\n b=Qheco9xlqOi6a06wOQTTS2+8a15KwXLDl7LtUdbGnOVwMxP6+6uU6SCj5D8pQoUCiS\n 0Z8mZXynnJXNGUXPcMcx+BHOd9Chc/XQuy1Dc41rlTHd7BKvTqCIJrnAm1UctmuNWWGH\n +bKp1SIV8FB2Z/xIKJzWr2kv8dsE7jdO2T98Kiy0WuupNg0LCfLFD+aY7JI3XleeEV44\n p/C4FpsG5WCfjU9Os4flczfzlnggQTCGGSgeuAIn/lT29E6Jl02IpXWAYxhkUkiXtKEc\n +ZTTNaZioGKzw3Hdze8k+FFkDXyKDU4QXlCZ2t4wsyEKIXeTsfNU10o7t43lxhk51T4B\n QRiw==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1777571322; x=1778176122;\n h=cc:to:in-reply-to:references:message-id:content-transfer-encoding\n :mime-version:subject:date:from:x-gm-gg:x-gm-message-state:from:to\n :cc:subject:date:message-id:reply-to;\n bh=7951eQ/78Es31REawF8+h8DYhmlO7R1alAiqr8CzZJU=;\n b=K6LhstxfxBiQRPIm+Vn1vhoqe2BPiUBE5xsQC95w4b1yQebzYsI8FeloxzAY2uUCna\n kfHo0bo3MnjTZOKCfRiJr/EEko4mlFf6eJYJ9sgCRGXnQUmy3LOGSV0BhBKWfpMO9km/\n jDbng6Uc/HWKzPnzsS2d+/tMvwVOwKEl7dIyqjxMo6uzApQAQ7uPaLMf8fZXKe0QTtxU\n gNKtFLGyaBMQJAhKhG/wjhAz3ByWHq3GhcvRWWCErIjx2VqC/8X6mmuXULtPX/v86okM\n EX8/+jJLQXkGdDLbEOsqYliNGUxy1uGnYf16rpEjL3tXKntyQxR+VWFHY1pe1dBFBpk+\n +KKQ==", "X-Forwarded-Encrypted": "i=1;\n AFNElJ+nwz0OrXHmn5Gn45Pg22oTx90CxIegE90lscwI8pPKJRknqPtXmSRzB5g7MVv82atYsvMRGk5N8l1p@vger.kernel.org", "X-Gm-Message-State": "AOJu0YzhgyNbabtVbah/22ap6Zr175v5koxRmJ3nSG1z8at/wnwqd+rI\n\tYW4BNPDoUclL9+zcutDzfRa63gUsW+3TmzmdrWd7wkSUCbkjd77VQErY", "X-Gm-Gg": "AeBDievcFf+pR/i7MswYjE9nbgS1rszODN0JRkNk/UaZ00ORgE9ML5mMs/F+kHtVyj0\n\tW8Vz7yLUy4EPHlY5jLwlJI/BDf2nJXqJvLxL2l2noi4AUFAhcnqhPi6YeEt5rA4iq0Q4OXH6BwC\n\tYHlFmmceKtjw9zfRWkxkjhWciqNyhATUNN/pU0LZjHH+E1HnQfxbeRntHWGgJy0owyx8u91OMjW\n\tdUUhjARZUuYn99gvHL61BZx0vcxPu66N3WSECcjMXDWDKZvuR9cvoZHvEMX3y0bXrZ2x1ltxxxr\n\tkosy2fp8eS+itnCr3eblwle5WfKnsIjTr8vZ7iNbzdOs8t93niwDtgoxBeyoWLUpFk7T06Qta9I\n\tOO34vcn6e146Ef5+M5eBuZuDJV0bBhSCIrcK9rPzHIsqRo7ov4XIeEsVP6v5+ev1GhOA3gD5Rfd\n\tcV2taJLxxPARmpGq+zv+uiAgKg2ZhEIDt4voWWOELRz7DfuxT+8g==", "X-Received": "by 2002:a17:903:24e:b0:2b4:5f69:715d with SMTP id\n d9443c01a7336-2b9a24b3372mr41032065ad.25.1777571322440;\n Thu, 30 Apr 2026 10:48:42 -0700 (PDT)", "From": "Piyush Sachdeva <s.piyush1024@gmail.com>", "X-Google-Original-From": "Piyush Sachdeva <psachdeva@microsoft.com>", "Date": "Thu, 30 Apr 2026 23:18:23 +0530", "Subject": "[PATCH v2 1/2] smb: client: Use FullSessionKey for AES-256\n encryption key derivation", "Precedence": "bulk", "X-Mailing-List": "linux-cifs@vger.kernel.org", "List-Id": "<linux-cifs.vger.kernel.org>", "List-Subscribe": "<mailto:linux-cifs+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:linux-cifs+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "7bit", "Message-Id": "<20260430-kerbmi-v2-1-0b98fe250425@microsoft.com>", "References": "<20260430-kerbmi-v2-0-0b98fe250425@microsoft.com>", "In-Reply-To": "<20260430-kerbmi-v2-0-0b98fe250425@microsoft.com>", "To": "Steve French <sfrench@samba.org>, linux-cifs@vger.kernel.org,\n Shyam Prasad N <sprasad@microsoft.com>,\n Bharath SM <bharathsm@microsoft.com>", "Cc": "samba-technical@lists.samba.org, linux-kernel@vger.kernel.org,\n vaibsharma@microsoft.com", "X-Mailer": "b4 0.15.2", "X-Developer-Signature": "v=1; a=openpgp-sha256; l=5862;\n i=psachdeva@microsoft.com; h=from:subject:message-id;\n bh=0dIn3pRB9mFvWh8+m3Q/ynj13bsM4JgCV1C0hx+Z2lY=;\n b=owGbwMvMwCV29FJ3ncRHDT/G02pJDJmfp75XTU96ckhn35m+L9G/yne8d9hW9S/K9dxZL02ve\n p1Hh+YIdExkYRDjYrAUU2TZcOKOLG/8Lsl5n54YwcxhZQIZIi3SwAAELAx8uYl5pUY6Rnqm2oZ6\n hkY6BjrGDFycAjDVDyQZGfr+nDiu8t3cNfBnsfEM4SqJ5d76Gttj6rWz9jz9wnio8TAjww+1nX8\n 4pD6ombV+Un8k8EeD4yfvbRaVVY4/P2/X7LpdzQgA", "X-Developer-Key": "i=psachdeva@microsoft.com; a=openpgp;\n fpr=80350F71F916134953C3EB979E19C6F9839C3CFC" }, "content": "When Kerberos authentication is used with AES-256 encryption (AES-256-CCM\nor AES-256-GCM), the SMB3 encryption and decryption keys must be derived\nusing the full session key (Session.FullSessionKey) rather than just the\nfirst 16 bytes (Session.SessionKey).\n\nPer MS-SMB2 section 3.2.5.3.1, when Connection.Dialect is \"3.1.1\" and\nConnection.CipherId is AES-256-CCM or AES-256-GCM, Session.FullSessionKey\nmust be set to the full cryptographic key from the GSS authentication\ncontext. The encryption and decryption key derivation (SMBC2SCipherKey,\nSMBS2CCipherKey) must use this FullSessionKey as the KDF input. The\nsigning key derivation continues to use Session.SessionKey (first 16\nbytes) in all cases.\n\nPreviously, generate_key() hardcoded SMB2_NTLMV2_SESSKEY_SIZE (16) as the\nHMAC-SHA256 key input length for all derivations. When Kerberos with\nAES-256 provides a 32-byte session key, the KDF for encryption/decryption\nwas using only the first 16 bytes, producing keys that did not match the\nserver's, causing mount failures with sec=krb5 and require_gcm_256=1.\n\nAdd a full_key_size parameter to generate_key() and pass the appropriate\nsize from generate_smb3signingkey():\n - Signing: always SMB2_NTLMV2_SESSKEY_SIZE (16 bytes)\n - Encryption/Decryption: ses->auth_key.len when AES-256, otherwise 16\n\nAlso fix cifs_dump_full_key() to report the actual session key length for\nAES-256 instead of hardcoded CIFS_SESS_KEY_SIZE, so that userspace tools\nlike Wireshark receive the correct key for decryption.\n\nSigned-off-by: Piyush Sachdeva <psachdeva@microsoft.com>\nSigned-off-by: Piyush Sachdeva <s.piyush1024@gmail.com>\n---\n fs/smb/client/ioctl.c | 2 +-\n fs/smb/client/smb2transport.c | 35 ++++++++++++++++++++++++++---------\n 2 files changed, 27 insertions(+), 10 deletions(-)", "diff": "diff --git a/fs/smb/client/ioctl.c b/fs/smb/client/ioctl.c\nindex 9afab3237e54..17408bb8ab65 100644\n--- a/fs/smb/client/ioctl.c\n+++ b/fs/smb/client/ioctl.c\n@@ -296,7 +296,7 @@ static int cifs_dump_full_key(struct cifs_tcon *tcon, struct smb3_full_key_debug\n \t\tbreak;\n \tcase SMB2_ENCRYPTION_AES256_CCM:\n \tcase SMB2_ENCRYPTION_AES256_GCM:\n-\t\tout.session_key_length = CIFS_SESS_KEY_SIZE;\n+\t\tout.session_key_length = ses->auth_key.len;\n \t\tout.server_in_key_length = out.server_out_key_length = SMB3_GCM256_CRYPTKEY_SIZE;\n \t\tbreak;\n \tdefault:\ndiff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c\nindex 41009039b4cb..be421b852246 100644\n--- a/fs/smb/client/smb2transport.c\n+++ b/fs/smb/client/smb2transport.c\n@@ -251,7 +251,8 @@ smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server)\n }\n \n static void generate_key(struct cifs_ses *ses, struct kvec label,\n-\t\t\t struct kvec context, __u8 *key, unsigned int key_size)\n+\t\t\t struct kvec context, __u8 *key, unsigned int key_size,\n+\t\t\t unsigned int full_key_size)\n {\n \tunsigned char zero = 0x0;\n \t__u8 i[4] = {0, 0, 0, 1};\n@@ -265,7 +266,7 @@ static void generate_key(struct cifs_ses *ses, struct kvec label,\n \tmemset(key, 0x0, key_size);\n \n \thmac_sha256_init_usingrawkey(&hmac_ctx, ses->auth_key.response,\n-\t\t\t\t SMB2_NTLMV2_SESSKEY_SIZE);\n+\t\t\t\t full_key_size);\n \thmac_sha256_update(&hmac_ctx, i, 4);\n \thmac_sha256_update(&hmac_ctx, label.iov_base, label.iov_len);\n \thmac_sha256_update(&hmac_ctx, &zero, 1);\n@@ -298,6 +299,7 @@ generate_smb3signingkey(struct cifs_ses *ses,\n \t\t\tstruct TCP_Server_Info *server,\n \t\t\tconst struct derivation_triplet *ptriplet)\n {\n+\tunsigned int full_key_size = SMB2_NTLMV2_SESSKEY_SIZE;\n \tbool is_binding = false;\n \tint chan_index = 0;\n \n@@ -330,12 +332,24 @@ generate_smb3signingkey(struct cifs_ses *ses,\n \tif (is_binding) {\n \t\tgenerate_key(ses, ptriplet->signing.label,\n \t\t\t ptriplet->signing.context,\n-\t\t\t ses->chans[chan_index].signkey,\n-\t\t\t SMB3_SIGN_KEY_SIZE);\n+\t\t\t ses->chans[chan_index].signkey, SMB3_SIGN_KEY_SIZE,\n+\t\t\t SMB2_NTLMV2_SESSKEY_SIZE);\n \t} else {\n \t\tgenerate_key(ses, ptriplet->signing.label,\n-\t\t\t ptriplet->signing.context,\n-\t\t\t ses->smb3signingkey, SMB3_SIGN_KEY_SIZE);\n+\t\t\t ptriplet->signing.context, ses->smb3signingkey,\n+\t\t\t SMB3_SIGN_KEY_SIZE, SMB2_NTLMV2_SESSKEY_SIZE);\n+\n+\t\t/*\n+\t\t * Per MS-SMB2 3.2.5.3.1, signing key always uses Session.SessionKey\n+\t\t * (first 16 bytes). Encryption/decryption keys use\n+\t\t * Session.FullSessionKey when dialect is 3.1.1 and cipher is\n+\t\t * AES-256-CCM or AES-256-GCM, otherwise Session.SessionKey.\n+\t\t */\n+\n+\t\tif (server->dialect == SMB311_PROT_ID &&\n+\t\t (server->cipher_type == SMB2_ENCRYPTION_AES256_CCM ||\n+\t\t server->cipher_type == SMB2_ENCRYPTION_AES256_GCM))\n+\t\t\tfull_key_size = ses->auth_key.len;\n \n \t\t/* safe to access primary channel, since it will never go away */\n \t\tspin_lock(&ses->chan_lock);\n@@ -345,10 +359,13 @@ generate_smb3signingkey(struct cifs_ses *ses,\n \n \t\tgenerate_key(ses, ptriplet->encryption.label,\n \t\t\t ptriplet->encryption.context,\n-\t\t\t ses->smb3encryptionkey, SMB3_ENC_DEC_KEY_SIZE);\n+\t\t\t ses->smb3encryptionkey, SMB3_ENC_DEC_KEY_SIZE,\n+\t\t\t full_key_size);\n+\n \t\tgenerate_key(ses, ptriplet->decryption.label,\n \t\t\t ptriplet->decryption.context,\n-\t\t\t ses->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE);\n+\t\t\t ses->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE,\n+\t\t\t full_key_size);\n \t}\n \n #ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS\n@@ -361,7 +378,7 @@ generate_smb3signingkey(struct cifs_ses *ses,\n \t\t\t&ses->Suid);\n \tcifs_dbg(VFS, \"Cipher type %d\\n\", server->cipher_type);\n \tcifs_dbg(VFS, \"Session Key %*ph\\n\",\n-\t\t SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);\n+\t\t ses->auth_key.len, ses->auth_key.response);\n \tcifs_dbg(VFS, \"Signing Key %*ph\\n\",\n \t\t SMB3_SIGN_KEY_SIZE, ses->smb3signingkey);\n \tif ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) ||\n", "prefixes": [ "v2", "1/2" ] }