--- /dev/null
+From 45a4546c6167a2da348a31ca439d8a8ff773b6ea Mon Sep 17 00:00:00 2001
+From: Shyam Prasad N <sprasad@microsoft.com>
+Date: Thu, 25 Mar 2021 12:34:54 +0000
+Subject: cifs: Adjust key sizes and key generation routines for AES256 encryption
+
+From: Shyam Prasad N <sprasad@microsoft.com>
+
+commit 45a4546c6167a2da348a31ca439d8a8ff773b6ea upstream.
+
+For AES256 encryption (GCM and CCM), we need to adjust the size of a few
+fields to 32 bytes instead of 16 to accommodate the larger keys.
+
+Also, the L value supplied to the key generator needs to be changed from
+to 256 when these algorithms are used.
+
+Keeping the ioctl struct for dumping keys of the same size for now.
+Will send out a different patch for that one.
+
+Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
+Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
+CC: <stable@vger.kernel.org> # v5.10+
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/cifs/cifsglob.h | 4 ++--
+ fs/cifs/cifspdu.h | 5 +++++
+ fs/cifs/smb2glob.h | 1 +
+ fs/cifs/smb2ops.c | 9 +++++----
+ fs/cifs/smb2transport.c | 37 ++++++++++++++++++++++++++++---------
+ 5 files changed, 41 insertions(+), 15 deletions(-)
+
+--- a/fs/cifs/cifsglob.h
++++ b/fs/cifs/cifsglob.h
+@@ -915,8 +915,8 @@ struct cifs_ses {
+ bool binding:1; /* are we binding the session? */
+ __u16 session_flags;
+ __u8 smb3signingkey[SMB3_SIGN_KEY_SIZE];
+- __u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE];
+- __u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE];
++ __u8 smb3encryptionkey[SMB3_ENC_DEC_KEY_SIZE];
++ __u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE];
+ __u8 preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];
+
+ __u8 binding_preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE];
+--- a/fs/cifs/cifspdu.h
++++ b/fs/cifs/cifspdu.h
+@@ -147,6 +147,11 @@
+ */
+ #define SMB3_SIGN_KEY_SIZE (16)
+
++/*
++ * Size of the smb3 encryption/decryption keys
++ */
++#define SMB3_ENC_DEC_KEY_SIZE (32)
++
+ #define CIFS_CLIENT_CHALLENGE_SIZE (8)
+ #define CIFS_SERVER_CHALLENGE_SIZE (8)
+ #define CIFS_HMAC_MD5_HASH_SIZE (16)
+--- a/fs/cifs/smb2glob.h
++++ b/fs/cifs/smb2glob.h
+@@ -58,6 +58,7 @@
+ #define SMB2_HMACSHA256_SIZE (32)
+ #define SMB2_CMACAES_SIZE (16)
+ #define SMB3_SIGNKEY_SIZE (16)
++#define SMB3_GCM128_CRYPTKEY_SIZE (16)
+ #define SMB3_GCM256_CRYPTKEY_SIZE (32)
+
+ /* Maximum buffer size value we can send with 1 credit */
+--- a/fs/cifs/smb2ops.c
++++ b/fs/cifs/smb2ops.c
+@@ -4109,7 +4109,7 @@ smb2_get_enc_key(struct TCP_Server_Info
+ if (ses->Suid == ses_id) {
+ ses_enc_key = enc ? ses->smb3encryptionkey :
+ ses->smb3decryptionkey;
+- memcpy(key, ses_enc_key, SMB3_SIGN_KEY_SIZE);
++ memcpy(key, ses_enc_key, SMB3_ENC_DEC_KEY_SIZE);
+ spin_unlock(&cifs_tcp_ses_lock);
+ return 0;
+ }
+@@ -4136,7 +4136,7 @@ crypt_message(struct TCP_Server_Info *se
+ int rc = 0;
+ struct scatterlist *sg;
+ u8 sign[SMB2_SIGNATURE_SIZE] = {};
+- u8 key[SMB3_SIGN_KEY_SIZE];
++ u8 key[SMB3_ENC_DEC_KEY_SIZE];
+ struct aead_request *req;
+ char *iv;
+ unsigned int iv_len;
+@@ -4160,10 +4160,11 @@ crypt_message(struct TCP_Server_Info *se
+ tfm = enc ? server->secmech.ccmaesencrypt :
+ server->secmech.ccmaesdecrypt;
+
+- if (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)
++ if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) ||
++ (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM))
+ rc = crypto_aead_setkey(tfm, key, SMB3_GCM256_CRYPTKEY_SIZE);
+ else
+- rc = crypto_aead_setkey(tfm, key, SMB3_SIGN_KEY_SIZE);
++ rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE);
+
+ if (rc) {
+ cifs_server_dbg(VFS, "%s: Failed to set aead key %d\n", __func__, rc);
+--- a/fs/cifs/smb2transport.c
++++ b/fs/cifs/smb2transport.c
+@@ -298,7 +298,8 @@ static int generate_key(struct cifs_ses
+ {
+ unsigned char zero = 0x0;
+ __u8 i[4] = {0, 0, 0, 1};
+- __u8 L[4] = {0, 0, 0, 128};
++ __u8 L128[4] = {0, 0, 0, 128};
++ __u8 L256[4] = {0, 0, 1, 0};
+ int rc = 0;
+ unsigned char prfhash[SMB2_HMACSHA256_SIZE];
+ unsigned char *hashptr = prfhash;
+@@ -354,8 +355,14 @@ static int generate_key(struct cifs_ses
+ goto smb3signkey_ret;
+ }
+
+- rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash,
+- L, 4);
++ if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) ||
++ (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) {
++ rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash,
++ L256, 4);
++ } else {
++ rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash,
++ L128, 4);
++ }
+ if (rc) {
+ cifs_server_dbg(VFS, "%s: Could not update with L\n", __func__);
+ goto smb3signkey_ret;
+@@ -390,6 +397,9 @@ generate_smb3signingkey(struct cifs_ses
+ const struct derivation_triplet *ptriplet)
+ {
+ int rc;
++#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS
++ struct TCP_Server_Info *server = ses->server;
++#endif
+
+ /*
+ * All channels use the same encryption/decryption keys but
+@@ -422,11 +432,11 @@ generate_smb3signingkey(struct cifs_ses
+ rc = generate_key(ses, ptriplet->encryption.label,
+ ptriplet->encryption.context,
+ ses->smb3encryptionkey,
+- SMB3_SIGN_KEY_SIZE);
++ SMB3_ENC_DEC_KEY_SIZE);
+ rc = generate_key(ses, ptriplet->decryption.label,
+ ptriplet->decryption.context,
+ ses->smb3decryptionkey,
+- SMB3_SIGN_KEY_SIZE);
++ SMB3_ENC_DEC_KEY_SIZE);
+ if (rc)
+ return rc;
+ }
+@@ -442,14 +452,23 @@ generate_smb3signingkey(struct cifs_ses
+ */
+ cifs_dbg(VFS, "Session Id %*ph\n", (int)sizeof(ses->Suid),
+ &ses->Suid);
++ cifs_dbg(VFS, "Cipher type %d\n", server->cipher_type);
+ cifs_dbg(VFS, "Session Key %*ph\n",
+ SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response);
+ cifs_dbg(VFS, "Signing Key %*ph\n",
+ SMB3_SIGN_KEY_SIZE, ses->smb3signingkey);
+- cifs_dbg(VFS, "ServerIn Key %*ph\n",
+- SMB3_SIGN_KEY_SIZE, ses->smb3encryptionkey);
+- cifs_dbg(VFS, "ServerOut Key %*ph\n",
+- SMB3_SIGN_KEY_SIZE, ses->smb3decryptionkey);
++ if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) ||
++ (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) {
++ cifs_dbg(VFS, "ServerIn Key %*ph\n",
++ SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3encryptionkey);
++ cifs_dbg(VFS, "ServerOut Key %*ph\n",
++ SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3decryptionkey);
++ } else {
++ cifs_dbg(VFS, "ServerIn Key %*ph\n",
++ SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3encryptionkey);
++ cifs_dbg(VFS, "ServerOut Key %*ph\n",
++ SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3decryptionkey);
++ }
+ #endif
+ return rc;
+ }
--- /dev/null
+From 291da9d4a9eb3a1cb0610b7f4480f5b52b1825e7 Mon Sep 17 00:00:00 2001
+From: Thomas Gleixner <tglx@linutronix.de>
+Date: Mon, 22 Mar 2021 09:46:13 +0100
+Subject: locking/mutex: Fix non debug version of mutex_lock_io_nested()
+
+From: Thomas Gleixner <tglx@linutronix.de>
+
+commit 291da9d4a9eb3a1cb0610b7f4480f5b52b1825e7 upstream.
+
+If CONFIG_DEBUG_LOCK_ALLOC=n then mutex_lock_io_nested() maps to
+mutex_lock() which is clearly wrong because mutex_lock() lacks the
+io_schedule_prepare()/finish() invocations.
+
+Map it to mutex_lock_io().
+
+Fixes: f21860bac05b ("locking/mutex, sched/wait: Fix the mutex_lock_io_nested() define")
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Cc: stable@vger.kernel.org
+Link: https://lkml.kernel.org/r/878s6fshii.fsf@nanos.tec.linutronix.de
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/mutex.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/include/linux/mutex.h
++++ b/include/linux/mutex.h
+@@ -185,7 +185,7 @@ extern void mutex_lock_io(struct mutex *
+ # define mutex_lock_interruptible_nested(lock, subclass) mutex_lock_interruptible(lock)
+ # define mutex_lock_killable_nested(lock, subclass) mutex_lock_killable(lock)
+ # define mutex_lock_nest_lock(lock, nest_lock) mutex_lock(lock)
+-# define mutex_lock_io_nested(lock, subclass) mutex_lock(lock)
++# define mutex_lock_io_nested(lock, subclass) mutex_lock_io(lock)
+ #endif
+
+ /*
--- /dev/null
+From cfc63fc8126a93cbf95379bc4cad79a7b15b6ece Mon Sep 17 00:00:00 2001
+From: Steve French <stfrench@microsoft.com>
+Date: Fri, 26 Mar 2021 18:41:55 -0500
+Subject: smb3: fix cached file size problems in duplicate extents (reflink)
+
+From: Steve French <stfrench@microsoft.com>
+
+commit cfc63fc8126a93cbf95379bc4cad79a7b15b6ece upstream.
+
+There were two problems (one of which could cause data corruption)
+that were noticed with duplicate extents (ie reflink)
+when debugging why various xfstests were being incorrectly skipped
+(e.g. generic/138, generic/140, generic/142). First, we were not
+updating the file size locally in the cache when extending a
+file due to reflink (it would refresh after actimeo expires)
+but xfstest was checking the size immediately which was still
+0 so caused the test to be skipped. Second, we were setting
+the target file size (which could shrink the file) in all cases
+to the end of the reflinked range rather than only setting the
+target file size when reflink would extend the file.
+
+CC: <stable@vger.kernel.org>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/cifs/smb2ops.c | 18 +++++++++++++++---
+ 1 file changed, 15 insertions(+), 3 deletions(-)
+
+--- a/fs/cifs/smb2ops.c
++++ b/fs/cifs/smb2ops.c
+@@ -2007,6 +2007,7 @@ smb2_duplicate_extents(const unsigned in
+ {
+ int rc;
+ unsigned int ret_data_len;
++ struct inode *inode;
+ struct duplicate_extents_to_file dup_ext_buf;
+ struct cifs_tcon *tcon = tlink_tcon(trgtfile->tlink);
+
+@@ -2023,10 +2024,21 @@ smb2_duplicate_extents(const unsigned in
+ cifs_dbg(FYI, "Duplicate extents: src off %lld dst off %lld len %lld\n",
+ src_off, dest_off, len);
+
+- rc = smb2_set_file_size(xid, tcon, trgtfile, dest_off + len, false);
+- if (rc)
+- goto duplicate_extents_out;
++ inode = d_inode(trgtfile->dentry);
++ if (inode->i_size < dest_off + len) {
++ rc = smb2_set_file_size(xid, tcon, trgtfile, dest_off + len, false);
++ if (rc)
++ goto duplicate_extents_out;
+
++ /*
++ * Although also could set plausible allocation size (i_blocks)
++ * here in addition to setting the file size, in reflink
++ * it is likely that the target file is sparse. Its allocation
++ * size will be queried on next revalidate, but it is important
++ * to make sure that file's cached size is updated immediately
++ */
++ cifs_setsize(inode, dest_off + len);
++ }
+ rc = SMB2_ioctl(xid, tcon, trgtfile->fid.persistent_fid,
+ trgtfile->fid.volatile_fid,
+ FSCTL_DUPLICATE_EXTENTS_TO_FILE,
--- /dev/null
+From 8249d17d3194eac064a8ca5bc5ca0abc86feecde Mon Sep 17 00:00:00 2001
+From: Isaku Yamahata <isaku.yamahata@intel.com>
+Date: Thu, 18 Mar 2021 13:26:57 -0700
+Subject: x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc()
+
+From: Isaku Yamahata <isaku.yamahata@intel.com>
+
+commit 8249d17d3194eac064a8ca5bc5ca0abc86feecde upstream.
+
+The pfn variable contains the page frame number as returned by the
+pXX_pfn() functions, shifted to the right by PAGE_SHIFT to remove the
+page bits. After page protection computations are done to it, it gets
+shifted back to the physical address using page_level_shift().
+
+That is wrong, of course, because that function determines the shift
+length based on the level of the page in the page table but in all the
+cases, it was shifted by PAGE_SHIFT before.
+
+Therefore, shift it back using PAGE_SHIFT to get the correct physical
+address.
+
+ [ bp: Rewrite commit message. ]
+
+Fixes: dfaaec9033b8 ("x86: Add support for changing memory encryption attribute in early boot")
+Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
+Signed-off-by: Borislav Petkov <bp@suse.de>
+Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
+Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
+Cc: <stable@vger.kernel.org>
+Link: https://lkml.kernel.org/r/81abbae1657053eccc535c16151f63cd049dcb97.1616098294.git.isaku.yamahata@intel.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/mm/mem_encrypt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/mm/mem_encrypt.c
++++ b/arch/x86/mm/mem_encrypt.c
+@@ -262,7 +262,7 @@ static void __init __set_clr_pte_enc(pte
+ if (pgprot_val(old_prot) == pgprot_val(new_prot))
+ return;
+
+- pa = pfn << page_level_shift(level);
++ pa = pfn << PAGE_SHIFT;
+ size = page_level_size(level);
+
+ /*
projects / thirdparty / kernel / stable-queue.git / commitdiff
