4.9-stable patches

added patches:
	sunrpc-remove-incorrect-hmac-request-initialization.patch

diff --git a/queue-4.9/series b/queue-4.9/series
index 8c8f18e72238fe93736d555f29de4094fde063f8..2b0acb575709fda862348c63e3f2dcf7505e6fc3 100644 (file)
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -48,3 +48,4 @@ arm-arm64-smccc-make-function-identifiers-an-unsigned-quantity.patch
 arm-arm64-smccc-implement-smccc-v1.1-inline-primitive.patch
 arm64-add-arm_smccc_arch_workaround_1-bp-hardening-support.patch
 arm64-kill-psci_get_version-as-a-variant-2-workaround.patch
+sunrpc-remove-incorrect-hmac-request-initialization.patch

diff --git a/queue-4.9/sunrpc-remove-incorrect-hmac-request-initialization.patch b/queue-4.9/sunrpc-remove-incorrect-hmac-request-initialization.patch
new file mode 100644 (file)
index 0000000..e1a4ff2
--- /dev/null
+++ b/queue-4.9/sunrpc-remove-incorrect-hmac-request-initialization.patch
@@ -0,0 +1,55 @@
+From f3aefb6a7066e24bfea7fcf1b07907576de69d63 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Wed, 28 Mar 2018 10:57:22 -0700
+Subject: sunrpc: remove incorrect HMAC request initialization
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit f3aefb6a7066e24bfea7fcf1b07907576de69d63 upstream.
+
+make_checksum_hmac_md5() is allocating an HMAC transform and doing
+crypto API calls in the following order:
+
+    crypto_ahash_init()
+    crypto_ahash_setkey()
+    crypto_ahash_digest()
+
+This is wrong because it makes no sense to init() the request before a
+key has been set, given that the initial state depends on the key.  And
+digest() is short for init() + update() + final(), so in this case
+there's no need to explicitly call init() at all.
+
+Before commit 9fa68f620041 ("crypto: hash - prevent using keyed hashes
+without setting key") the extra init() had no real effect, at least for
+the software HMAC implementation.  (There are also hardware drivers that
+implement HMAC-MD5, and it's not immediately obvious how gracefully they
+handle init() before setkey().)  But now the crypto API detects this
+incorrect initialization and returns -ENOKEY.  This is breaking NFS
+mounts in some cases.
+
+Fix it by removing the incorrect call to crypto_ahash_init().
+
+Reported-by: Michael Young <m.a.young@durham.ac.uk>
+Fixes: 9fa68f620041 ("crypto: hash - prevent using keyed hashes without setting key")
+Fixes: fffdaef2eb4a ("gss_krb5: Add support for rc4-hmac encryption")
+Cc: stable@vger.kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: J. Bruce Fields <bfields@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/sunrpc/auth_gss/gss_krb5_crypto.c |    3 ---
+ 1 file changed, 3 deletions(-)
+
+--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
++++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
+@@ -237,9 +237,6 @@ make_checksum_hmac_md5(struct krb5_ctx *
+ 
+       ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL);
+ 
+-      err = crypto_ahash_init(req);
+-      if (err)
+-              goto out;
+       err = crypto_ahash_setkey(hmac_md5, cksumkey, kctx->gk5e->keylength);
+       if (err)
+               goto out;