{"id":2224817,"url":"http://patchwork.ozlabs.org/api/patches/2224817/?format=json","web_url":"http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260418221707.67972-1-ebiggers@kernel.org/","project":{"id":12,"url":"http://patchwork.ozlabs.org/api/projects/12/?format=json","name":"Linux CIFS Client","link_name":"linux-cifs-client","list_id":"linux-cifs.vger.kernel.org","list_email":"linux-cifs@vger.kernel.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260418221707.67972-1-ebiggers@kernel.org>","list_archive_url":null,"date":"2026-04-18T22:17:07","name":"[v2] ksmbd: Use AES-CMAC library for SMB3 signature calculation","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"fb735d47aedbe6e4504012e21ef788db9cb529b3","submitter":{"id":74690,"url":"http://patchwork.ozlabs.org/api/people/74690/?format=json","name":"Eric Biggers","email":"ebiggers@kernel.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/linux-cifs-client/patch/20260418221707.67972-1-ebiggers@kernel.org/mbox/","series":[{"id":500472,"url":"http://patchwork.ozlabs.org/api/series/500472/?format=json","web_url":"http://patchwork.ozlabs.org/project/linux-cifs-client/list/?series=500472","date":"2026-04-18T22:17:07","name":"[v2] ksmbd: Use AES-CMAC library for SMB3 signature calculation","version":2,"mbox":"http://patchwork.ozlabs.org/series/500472/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2224817/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2224817/checks/","tags":{},"related":[],"headers":{"Return-Path":"\n ","X-Original-To":["incoming@patchwork.ozlabs.org","linux-cifs@vger.kernel.org"],"Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=kernel.org header.i=@kernel.org header.a=rsa-sha256\n header.s=k20201202 header.b=BjDUiE6t;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.234.253.10; helo=sea.lore.kernel.org;\n envelope-from=linux-cifs+bounces-10907-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)","smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org\n header.b=\"BjDUiE6t\"","smtp.subspace.kernel.org;\n arc=none smtp.client-ip=10.30.226.201"],"Received":["from sea.lore.kernel.org (sea.lore.kernel.org [172.234.253.10])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fymP10vFvz1yGt\n\tfor ; Sun, 19 Apr 2026 08:18:45 +1000 (AEST)","from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id B38E1301993B\n\tfor ; Sat, 18 Apr 2026 22:18:33 +0000 (UTC)","from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id CB90C1C5F11;\n\tSat, 18 Apr 2026 22:18:32 +0000 (UTC)","from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org\n [10.30.226.201])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id A8E4BC8CE;\n\tSat, 18 Apr 2026 22:18:32 +0000 (UTC)","by smtp.kernel.org (Postfix) with ESMTPSA id E659BC19424;\n\tSat, 18 Apr 2026 22:18:31 +0000 (UTC)"],"ARC-Seal":"i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1776550712; cv=none;\n b=cywlRJSgVdcxvJ1ehpu9AEZ5bpRQZfxQt7f03wu0fMF1DNuYIAfKSzQpXzYrI65iNzGTxgogUCWaK18QCedmob213tMj8e5ZT8HbACc4iFXZ6BXbDnWGdvk91Eb+L0x3g499QuhU/4ay9KpUTsyMttKLP7qp1nA9EvREp9GPzP8=","ARC-Message-Signature":"i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1776550712; c=relaxed/simple;\n\tbh=4SqN0/imj48EocU/KcOP+YvUMBfC3KL8Tw0kM9BHH+8=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=LigfgVqPwiGNJcsb3atM3C1azDJKFlLXmgWx3Q9FvsWorDvjTEwpwHSuQbv8oCepb+Gz/cDp6NmkT4gUM3olIes+GBKpZNPEuHDDNyPLmiwe7qYyNVLsgHELRNuepkmklihwZIzDnEG8MDoQNmQZ9FlFAHzkMAJwjxqN/v2GHV8=","ARC-Authentication-Results":"i=1; smtp.subspace.kernel.org;\n dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org\n header.b=BjDUiE6t; arc=none smtp.client-ip=10.30.226.201","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;\n\ts=k20201202; t=1776550712;\n\tbh=4SqN0/imj48EocU/KcOP+YvUMBfC3KL8Tw0kM9BHH+8=;\n\th=From:To:Cc:Subject:Date:From;\n\tb=BjDUiE6tyfJ1jF49Z2OtqJatQ7fVkJwq59xur4wLLj9kPPpwQnA+H72qXyJB6pqv3\n\t FpwcLblvp2vySyA9Wau9up2SsgZ5e82O2woJpaPJSJx+S691uSQRht7te3XAYjOtA6\n\t olxNAqYRhtedYa2mWilxUotkvrHySvYgDj+94yG3QFnJI8H5YFSI4OGuc+50ChoYmG\n\t tZxRQovequxGqUtqBE3um6vGNGyy/Kc4A3kpLFJXgnmH329/RZ0Pi+yHv2zPEIo7lU\n\t AysYMQGTaFZushQdSjwmMsM6ZkMMdemEDcj4Z3lsPwFevIqaeTg/8OYOYaNLsQ0dBN\n\t fSXYsbpHjK3aQ==","From":"Eric Biggers ","To":"linux-cifs@vger.kernel.org,\n\tNamjae Jeon ,\n\tSteve French ","Cc":"linux-crypto@vger.kernel.org,\n\tlinux-kernel@vger.kernel.org,\n\tArd Biesheuvel ,\n\tSergey Senozhatsky ,\n\tTom Talpey ,\n\tEric Biggers ","Subject":"[PATCH v2] ksmbd: Use AES-CMAC library for SMB3 signature calculation","Date":"Sat, 18 Apr 2026 15:17:07 -0700","Message-ID":"<20260418221707.67972-1-ebiggers@kernel.org>","X-Mailer":"git-send-email 2.53.0","Precedence":"bulk","X-Mailing-List":"linux-cifs@vger.kernel.org","List-Id":"","List-Subscribe":"","List-Unsubscribe":"","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit"},"content":"Now that AES-CMAC has a library API, convert ksmbd_sign_smb3_pdu() to\nuse it instead of a \"cmac(aes)\" crypto_shash.\n\nThe result is simpler and faster code. With the library there's no need\nto dynamically allocate memory, no need to handle errors, and the\nAES-CMAC code is accessed directly without inefficient indirect calls\nand other unnecessary API overhead.\n\nAcked-by: Namjae Jeon \nReviewed-by: Ard Biesheuvel \nSigned-off-by: Eric Biggers \n---\n\nThis patch was originally sent as patch 12 of the series\nhttps://lore.kernel.org/r/20260218213501.136844-1-ebiggers@kernel.org/\nThe only change from that version was adding tags and rebasing.\n\nThis is intended to be taken through the ksmbd tree, either 7.1 or 7.2\ndepending on maintainer preference.\n\n fs/smb/server/Kconfig | 2 +-\n fs/smb/server/auth.c | 51 +++++++++------------------------\n fs/smb/server/auth.h | 4 +--\n fs/smb/server/crypto_ctx.c | 58 --------------------------------------\n fs/smb/server/crypto_ctx.h | 12 --------\n fs/smb/server/server.c | 1 -\n fs/smb/server/smb2pdu.c | 8 ++----\n 7 files changed, 19 insertions(+), 117 deletions(-)\n\n\nbase-commit: 8541d8f725c673db3bd741947f27974358b2e163","diff":"diff --git a/fs/smb/server/Kconfig b/fs/smb/server/Kconfig\nindex 37387410e5bb3..8827b36537864 100644\n--- a/fs/smb/server/Kconfig\n+++ b/fs/smb/server/Kconfig\n@@ -5,17 +5,17 @@ config SMB_SERVER\n \tdepends on FILE_LOCKING\n \tselect NLS\n \tselect NLS_UTF8\n \tselect NLS_UCS2_UTILS\n \tselect CRYPTO\n+\tselect CRYPTO_LIB_AES_CBC_MACS\n \tselect CRYPTO_LIB_ARC4\n \tselect CRYPTO_LIB_DES\n \tselect CRYPTO_LIB_MD5\n \tselect CRYPTO_LIB_SHA256\n \tselect CRYPTO_LIB_SHA512\n \tselect CRYPTO_LIB_UTILS\n-\tselect CRYPTO_CMAC\n \tselect CRYPTO_AEAD2\n \tselect CRYPTO_CCM\n \tselect CRYPTO_GCM\n \tselect ASN1\n \tselect OID_REGISTRY\ndiff --git a/fs/smb/server/auth.c b/fs/smb/server/auth.c\nindex 7d0691f7263fe..e99409fa721cd 100644\n--- a/fs/smb/server/auth.c\n+++ b/fs/smb/server/auth.c\n@@ -9,12 +9,12 @@\n #include \n #include \n #include \n #include \n #include \n-#include \n #include \n+#include \n #include \n #include \n #include \n #include \n #include \n@@ -488,50 +488,25 @@ void ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,\n * @iov: buffer iov array\n * @n_vec:\tnumber of iovecs\n * @sig:\tsignature value generated for client request packet\n *\n */\n-int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,\n-\t\t\tint n_vec, char *sig)\n+void ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,\n+\t\t\t int n_vec, char *sig)\n {\n-\tstruct ksmbd_crypto_ctx *ctx;\n-\tint rc, i;\n-\n-\tctx = ksmbd_crypto_ctx_find_cmacaes();\n-\tif (!ctx) {\n-\t\tksmbd_debug(AUTH, \"could not crypto alloc cmac\\n\");\n-\t\treturn -ENOMEM;\n-\t}\n-\n-\trc = crypto_shash_setkey(CRYPTO_CMACAES_TFM(ctx),\n-\t\t\t\t key,\n-\t\t\t\t SMB2_CMACAES_SIZE);\n-\tif (rc)\n-\t\tgoto out;\n-\n-\trc = crypto_shash_init(CRYPTO_CMACAES(ctx));\n-\tif (rc) {\n-\t\tksmbd_debug(AUTH, \"cmaces init error %d\\n\", rc);\n-\t\tgoto out;\n-\t}\n+\tstruct aes_cmac_key cmac_key;\n+\tstruct aes_cmac_ctx cmac_ctx;\n+\tint i;\n \n-\tfor (i = 0; i < n_vec; i++) {\n-\t\trc = crypto_shash_update(CRYPTO_CMACAES(ctx),\n-\t\t\t\t\t iov[i].iov_base,\n-\t\t\t\t\t iov[i].iov_len);\n-\t\tif (rc) {\n-\t\t\tksmbd_debug(AUTH, \"cmaces update error %d\\n\", rc);\n-\t\t\tgoto out;\n-\t\t}\n-\t}\n+\t/* This cannot fail, since we always pass a valid key length. */\n+\tstatic_assert(SMB2_CMACAES_SIZE == AES_KEYSIZE_128);\n+\taes_cmac_preparekey(&cmac_key, key, SMB2_CMACAES_SIZE);\n \n-\trc = crypto_shash_final(CRYPTO_CMACAES(ctx), sig);\n-\tif (rc)\n-\t\tksmbd_debug(AUTH, \"cmaces generation error %d\\n\", rc);\n-out:\n-\tksmbd_release_crypto_ctx(ctx);\n-\treturn rc;\n+\taes_cmac_init(&cmac_ctx, &cmac_key);\n+\tfor (i = 0; i < n_vec; i++)\n+\t\taes_cmac_update(&cmac_ctx, iov[i].iov_base, iov[i].iov_len);\n+\taes_cmac_final(&cmac_ctx, sig);\n }\n \n struct derivation {\n \tstruct kvec label;\n \tstruct kvec context;\ndiff --git a/fs/smb/server/auth.h b/fs/smb/server/auth.h\nindex 6d351d61b0e57..5767aabc63c9b 100644\n--- a/fs/smb/server/auth.h\n+++ b/fs/smb/server/auth.h\n@@ -52,12 +52,12 @@ ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob,\n \t\t\t\t struct ksmbd_conn *conn);\n int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob,\n \t\t\t int in_len,\tchar *out_blob, int *out_len);\n void ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,\n \t\t\t int n_vec, char *sig);\n-int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,\n-\t\t\tint n_vec, char *sig);\n+void ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov,\n+\t\t\t int n_vec, char *sig);\n int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess,\n \t\t\t struct ksmbd_conn *conn);\n int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess,\n \t\t\t\tstruct ksmbd_conn *conn);\n void ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn,\ndiff --git a/fs/smb/server/crypto_ctx.c b/fs/smb/server/crypto_ctx.c\nindex 8fd9713b00b7f..2fe7d33004807 100644\n--- a/fs/smb/server/crypto_ctx.c\n+++ b/fs/smb/server/crypto_ctx.c\n@@ -26,18 +26,10 @@ static inline void free_aead(struct crypto_aead *aead)\n {\n \tif (aead)\n \t\tcrypto_free_aead(aead);\n }\n \n-static void free_shash(struct shash_desc *shash)\n-{\n-\tif (shash) {\n-\t\tcrypto_free_shash(shash->tfm);\n-\t\tkfree(shash);\n-\t}\n-}\n-\n static struct crypto_aead *alloc_aead(int id)\n {\n \tstruct crypto_aead *tfm = NULL;\n \n \tswitch (id) {\n@@ -58,41 +50,14 @@ static struct crypto_aead *alloc_aead(int id)\n \t}\n \n \treturn tfm;\n }\n \n-static struct shash_desc *alloc_shash_desc(int id)\n-{\n-\tstruct crypto_shash *tfm = NULL;\n-\tstruct shash_desc *shash;\n-\n-\tswitch (id) {\n-\tcase CRYPTO_SHASH_CMACAES:\n-\t\ttfm = crypto_alloc_shash(\"cmac(aes)\", 0, 0);\n-\t\tbreak;\n-\tdefault:\n-\t\treturn NULL;\n-\t}\n-\n-\tif (IS_ERR(tfm))\n-\t\treturn NULL;\n-\n-\tshash = kzalloc(sizeof(*shash) + crypto_shash_descsize(tfm),\n-\t\t\tKSMBD_DEFAULT_GFP);\n-\tif (!shash)\n-\t\tcrypto_free_shash(tfm);\n-\telse\n-\t\tshash->tfm = tfm;\n-\treturn shash;\n-}\n-\n static void ctx_free(struct ksmbd_crypto_ctx *ctx)\n {\n \tint i;\n \n-\tfor (i = 0; i < CRYPTO_SHASH_MAX; i++)\n-\t\tfree_shash(ctx->desc[i]);\n \tfor (i = 0; i < CRYPTO_AEAD_MAX; i++)\n \t\tfree_aead(ctx->ccmaes[i]);\n \tkfree(ctx);\n }\n \n@@ -151,33 +116,10 @@ void ksmbd_release_crypto_ctx(struct ksmbd_crypto_ctx *ctx)\n \tctx_list.avail_ctx--;\n \tspin_unlock(&ctx_list.ctx_lock);\n \tctx_free(ctx);\n }\n \n-static struct ksmbd_crypto_ctx *____crypto_shash_ctx_find(int id)\n-{\n-\tstruct ksmbd_crypto_ctx *ctx;\n-\n-\tif (id >= CRYPTO_SHASH_MAX)\n-\t\treturn NULL;\n-\n-\tctx = ksmbd_find_crypto_ctx();\n-\tif (ctx->desc[id])\n-\t\treturn ctx;\n-\n-\tctx->desc[id] = alloc_shash_desc(id);\n-\tif (ctx->desc[id])\n-\t\treturn ctx;\n-\tksmbd_release_crypto_ctx(ctx);\n-\treturn NULL;\n-}\n-\n-struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void)\n-{\n-\treturn ____crypto_shash_ctx_find(CRYPTO_SHASH_CMACAES);\n-}\n-\n static struct ksmbd_crypto_ctx *____crypto_aead_ctx_find(int id)\n {\n \tstruct ksmbd_crypto_ctx *ctx;\n \n \tif (id >= CRYPTO_AEAD_MAX)\ndiff --git a/fs/smb/server/crypto_ctx.h b/fs/smb/server/crypto_ctx.h\nindex 27fd553d10aab..b22c6e086f032 100644\n--- a/fs/smb/server/crypto_ctx.h\n+++ b/fs/smb/server/crypto_ctx.h\n@@ -4,40 +4,28 @@\n */\n \n #ifndef __CRYPTO_CTX_H__\n #define __CRYPTO_CTX_H__\n \n-#include \n #include \n \n-enum {\n-\tCRYPTO_SHASH_CMACAES\t= 0,\n-\tCRYPTO_SHASH_MAX,\n-};\n-\n enum {\n \tCRYPTO_AEAD_AES_GCM = 16,\n \tCRYPTO_AEAD_AES_CCM,\n \tCRYPTO_AEAD_MAX,\n };\n \n struct ksmbd_crypto_ctx {\n \tstruct list_head\t\tlist;\n \n-\tstruct shash_desc\t\t*desc[CRYPTO_SHASH_MAX];\n \tstruct crypto_aead\t\t*ccmaes[CRYPTO_AEAD_MAX];\n };\n \n-#define CRYPTO_CMACAES(c)\t((c)->desc[CRYPTO_SHASH_CMACAES])\n-\n-#define CRYPTO_CMACAES_TFM(c)\t((c)->desc[CRYPTO_SHASH_CMACAES]->tfm)\n-\n #define CRYPTO_GCM(c)\t\t((c)->ccmaes[CRYPTO_AEAD_AES_GCM])\n #define CRYPTO_CCM(c)\t\t((c)->ccmaes[CRYPTO_AEAD_AES_CCM])\n \n void ksmbd_release_crypto_ctx(struct ksmbd_crypto_ctx *ctx);\n-struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_cmacaes(void);\n struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_gcm(void);\n struct ksmbd_crypto_ctx *ksmbd_crypto_ctx_find_ccm(void);\n void ksmbd_crypto_destroy(void);\n int ksmbd_crypto_create(void);\n \ndiff --git a/fs/smb/server/server.c b/fs/smb/server/server.c\nindex d8893079abdb5..58ef02c423fce 100644\n--- a/fs/smb/server/server.c\n+++ b/fs/smb/server/server.c\n@@ -629,11 +629,10 @@ static void __exit ksmbd_server_exit(void)\n MODULE_AUTHOR(\"Namjae Jeon \");\n MODULE_DESCRIPTION(\"Linux kernel CIFS/SMB SERVER\");\n MODULE_LICENSE(\"GPL\");\n MODULE_SOFTDEP(\"pre: nls\");\n MODULE_SOFTDEP(\"pre: aes\");\n-MODULE_SOFTDEP(\"pre: cmac\");\n MODULE_SOFTDEP(\"pre: aead2\");\n MODULE_SOFTDEP(\"pre: ccm\");\n MODULE_SOFTDEP(\"pre: gcm\");\n module_init(ksmbd_server_init)\n module_exit(ksmbd_server_exit)\ndiff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c\nindex ee32e61b6d3c7..4ec83d094b3b9 100644\n--- a/fs/smb/server/smb2pdu.c\n+++ b/fs/smb/server/smb2pdu.c\n@@ -9065,12 +9065,11 @@ int smb3_check_sign_req(struct ksmbd_work *work)\n \tmemcpy(signature_req, hdr->Signature, SMB2_SIGNATURE_SIZE);\n \tmemset(hdr->Signature, 0, SMB2_SIGNATURE_SIZE);\n \tiov[0].iov_base = (char *)&hdr->ProtocolId;\n \tiov[0].iov_len = len;\n \n-\tif (ksmbd_sign_smb3_pdu(conn, signing_key, iov, 1, signature))\n-\t\treturn 0;\n+\tksmbd_sign_smb3_pdu(conn, signing_key, iov, 1, signature);\n \n \tif (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) {\n \t\tpr_err(\"bad smb2 signature\\n\");\n \t\treturn 0;\n \t}\n@@ -9117,13 +9116,12 @@ void smb3_set_sign_rsp(struct ksmbd_work *work)\n \t\tn_vec++;\n \t} else {\n \t\tiov = &work->iov[work->iov_idx];\n \t}\n \n-\tif (!ksmbd_sign_smb3_pdu(conn, signing_key, iov, n_vec,\n-\t\t\t\t signature))\n-\t\tmemcpy(hdr->Signature, signature, SMB2_SIGNATURE_SIZE);\n+\tksmbd_sign_smb3_pdu(conn, signing_key, iov, n_vec, signature);\n+\tmemcpy(hdr->Signature, signature, SMB2_SIGNATURE_SIZE);\n }\n \n /**\n * smb3_preauth_hash_rsp() - handler for computing preauth hash on response\n * @work: smb work containing response buffer\n","prefixes":["v2"]}