From: Greg Kroah-Hartman Date: Mon, 29 Mar 2021 05:46:44 +0000 (+0200) Subject: 5.11-stable patches X-Git-Tag: v5.11.11~34 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e6ec1a20170315629df9c3c6ebac842d0168922d;p=thirdparty%2Fkernel%2Fstable-queue.git 5.11-stable patches added patches: cifs-adjust-key-sizes-and-key-generation-routines-for-aes256-encryption.patch locking-mutex-fix-non-debug-version-of-mutex_lock_io_nested.patch smb3-fix-cached-file-size-problems-in-duplicate-extents-reflink.patch x86-mem_encrypt-correct-physical-address-calculation-in-__set_clr_pte_enc.patch --- diff --git a/queue-5.11/cifs-adjust-key-sizes-and-key-generation-routines-for-aes256-encryption.patch b/queue-5.11/cifs-adjust-key-sizes-and-key-generation-routines-for-aes256-encryption.patch new file mode 100644 index 00000000000..24523ab015e --- /dev/null +++ b/queue-5.11/cifs-adjust-key-sizes-and-key-generation-routines-for-aes256-encryption.patch @@ -0,0 +1,183 @@ +From 45a4546c6167a2da348a31ca439d8a8ff773b6ea Mon Sep 17 00:00:00 2001 +From: Shyam Prasad N +Date: Thu, 25 Mar 2021 12:34:54 +0000 +Subject: cifs: Adjust key sizes and key generation routines for AES256 encryption + +From: Shyam Prasad N + +commit 45a4546c6167a2da348a31ca439d8a8ff773b6ea upstream. + +For AES256 encryption (GCM and CCM), we need to adjust the size of a few +fields to 32 bytes instead of 16 to accommodate the larger keys. + +Also, the L value supplied to the key generator needs to be changed from +to 256 when these algorithms are used. + +Keeping the ioctl struct for dumping keys of the same size for now. +Will send out a different patch for that one. + +Signed-off-by: Shyam Prasad N +Reviewed-by: Ronnie Sahlberg +CC: # v5.10+ +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman +--- + fs/cifs/cifsglob.h | 4 ++-- + fs/cifs/cifspdu.h | 5 +++++ + fs/cifs/smb2glob.h | 1 + + fs/cifs/smb2ops.c | 9 +++++---- + fs/cifs/smb2transport.c | 37 ++++++++++++++++++++++++++++--------- + 5 files changed, 41 insertions(+), 15 deletions(-) + +--- a/fs/cifs/cifsglob.h ++++ b/fs/cifs/cifsglob.h +@@ -915,8 +915,8 @@ struct cifs_ses { + bool binding:1; /* are we binding the session? */ + __u16 session_flags; + __u8 smb3signingkey[SMB3_SIGN_KEY_SIZE]; +- __u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE]; +- __u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE]; ++ __u8 smb3encryptionkey[SMB3_ENC_DEC_KEY_SIZE]; ++ __u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE]; + __u8 preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE]; + + __u8 binding_preauth_sha_hash[SMB2_PREAUTH_HASH_SIZE]; +--- a/fs/cifs/cifspdu.h ++++ b/fs/cifs/cifspdu.h +@@ -147,6 +147,11 @@ + */ + #define SMB3_SIGN_KEY_SIZE (16) + ++/* ++ * Size of the smb3 encryption/decryption keys ++ */ ++#define SMB3_ENC_DEC_KEY_SIZE (32) ++ + #define CIFS_CLIENT_CHALLENGE_SIZE (8) + #define CIFS_SERVER_CHALLENGE_SIZE (8) + #define CIFS_HMAC_MD5_HASH_SIZE (16) +--- a/fs/cifs/smb2glob.h ++++ b/fs/cifs/smb2glob.h +@@ -58,6 +58,7 @@ + #define SMB2_HMACSHA256_SIZE (32) + #define SMB2_CMACAES_SIZE (16) + #define SMB3_SIGNKEY_SIZE (16) ++#define SMB3_GCM128_CRYPTKEY_SIZE (16) + #define SMB3_GCM256_CRYPTKEY_SIZE (32) + + /* Maximum buffer size value we can send with 1 credit */ +--- a/fs/cifs/smb2ops.c ++++ b/fs/cifs/smb2ops.c +@@ -4109,7 +4109,7 @@ smb2_get_enc_key(struct TCP_Server_Info + if (ses->Suid == ses_id) { + ses_enc_key = enc ? ses->smb3encryptionkey : + ses->smb3decryptionkey; +- memcpy(key, ses_enc_key, SMB3_SIGN_KEY_SIZE); ++ memcpy(key, ses_enc_key, SMB3_ENC_DEC_KEY_SIZE); + spin_unlock(&cifs_tcp_ses_lock); + return 0; + } +@@ -4136,7 +4136,7 @@ crypt_message(struct TCP_Server_Info *se + int rc = 0; + struct scatterlist *sg; + u8 sign[SMB2_SIGNATURE_SIZE] = {}; +- u8 key[SMB3_SIGN_KEY_SIZE]; ++ u8 key[SMB3_ENC_DEC_KEY_SIZE]; + struct aead_request *req; + char *iv; + unsigned int iv_len; +@@ -4160,10 +4160,11 @@ crypt_message(struct TCP_Server_Info *se + tfm = enc ? server->secmech.ccmaesencrypt : + server->secmech.ccmaesdecrypt; + +- if (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM) ++ if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || ++ (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) + rc = crypto_aead_setkey(tfm, key, SMB3_GCM256_CRYPTKEY_SIZE); + else +- rc = crypto_aead_setkey(tfm, key, SMB3_SIGN_KEY_SIZE); ++ rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE); + + if (rc) { + cifs_server_dbg(VFS, "%s: Failed to set aead key %d\n", __func__, rc); +--- a/fs/cifs/smb2transport.c ++++ b/fs/cifs/smb2transport.c +@@ -298,7 +298,8 @@ static int generate_key(struct cifs_ses + { + unsigned char zero = 0x0; + __u8 i[4] = {0, 0, 0, 1}; +- __u8 L[4] = {0, 0, 0, 128}; ++ __u8 L128[4] = {0, 0, 0, 128}; ++ __u8 L256[4] = {0, 0, 1, 0}; + int rc = 0; + unsigned char prfhash[SMB2_HMACSHA256_SIZE]; + unsigned char *hashptr = prfhash; +@@ -354,8 +355,14 @@ static int generate_key(struct cifs_ses + goto smb3signkey_ret; + } + +- rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, +- L, 4); ++ if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || ++ (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) { ++ rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, ++ L256, 4); ++ } else { ++ rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, ++ L128, 4); ++ } + if (rc) { + cifs_server_dbg(VFS, "%s: Could not update with L\n", __func__); + goto smb3signkey_ret; +@@ -390,6 +397,9 @@ generate_smb3signingkey(struct cifs_ses + const struct derivation_triplet *ptriplet) + { + int rc; ++#ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS ++ struct TCP_Server_Info *server = ses->server; ++#endif + + /* + * All channels use the same encryption/decryption keys but +@@ -422,11 +432,11 @@ generate_smb3signingkey(struct cifs_ses + rc = generate_key(ses, ptriplet->encryption.label, + ptriplet->encryption.context, + ses->smb3encryptionkey, +- SMB3_SIGN_KEY_SIZE); ++ SMB3_ENC_DEC_KEY_SIZE); + rc = generate_key(ses, ptriplet->decryption.label, + ptriplet->decryption.context, + ses->smb3decryptionkey, +- SMB3_SIGN_KEY_SIZE); ++ SMB3_ENC_DEC_KEY_SIZE); + if (rc) + return rc; + } +@@ -442,14 +452,23 @@ generate_smb3signingkey(struct cifs_ses + */ + cifs_dbg(VFS, "Session Id %*ph\n", (int)sizeof(ses->Suid), + &ses->Suid); ++ cifs_dbg(VFS, "Cipher type %d\n", server->cipher_type); + cifs_dbg(VFS, "Session Key %*ph\n", + SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response); + cifs_dbg(VFS, "Signing Key %*ph\n", + SMB3_SIGN_KEY_SIZE, ses->smb3signingkey); +- cifs_dbg(VFS, "ServerIn Key %*ph\n", +- SMB3_SIGN_KEY_SIZE, ses->smb3encryptionkey); +- cifs_dbg(VFS, "ServerOut Key %*ph\n", +- SMB3_SIGN_KEY_SIZE, ses->smb3decryptionkey); ++ if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || ++ (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) { ++ cifs_dbg(VFS, "ServerIn Key %*ph\n", ++ SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3encryptionkey); ++ cifs_dbg(VFS, "ServerOut Key %*ph\n", ++ SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3decryptionkey); ++ } else { ++ cifs_dbg(VFS, "ServerIn Key %*ph\n", ++ SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3encryptionkey); ++ cifs_dbg(VFS, "ServerOut Key %*ph\n", ++ SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3decryptionkey); ++ } + #endif + return rc; + } diff --git a/queue-5.11/locking-mutex-fix-non-debug-version-of-mutex_lock_io_nested.patch b/queue-5.11/locking-mutex-fix-non-debug-version-of-mutex_lock_io_nested.patch new file mode 100644 index 00000000000..af890329c45 --- /dev/null +++ b/queue-5.11/locking-mutex-fix-non-debug-version-of-mutex_lock_io_nested.patch @@ -0,0 +1,37 @@ +From 291da9d4a9eb3a1cb0610b7f4480f5b52b1825e7 Mon Sep 17 00:00:00 2001 +From: Thomas Gleixner +Date: Mon, 22 Mar 2021 09:46:13 +0100 +Subject: locking/mutex: Fix non debug version of mutex_lock_io_nested() + +From: Thomas Gleixner + +commit 291da9d4a9eb3a1cb0610b7f4480f5b52b1825e7 upstream. + +If CONFIG_DEBUG_LOCK_ALLOC=n then mutex_lock_io_nested() maps to +mutex_lock() which is clearly wrong because mutex_lock() lacks the +io_schedule_prepare()/finish() invocations. + +Map it to mutex_lock_io(). + +Fixes: f21860bac05b ("locking/mutex, sched/wait: Fix the mutex_lock_io_nested() define") +Signed-off-by: Thomas Gleixner +Signed-off-by: Peter Zijlstra (Intel) +Signed-off-by: Ingo Molnar +Cc: stable@vger.kernel.org +Link: https://lkml.kernel.org/r/878s6fshii.fsf@nanos.tec.linutronix.de +Signed-off-by: Greg Kroah-Hartman +--- + include/linux/mutex.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/include/linux/mutex.h ++++ b/include/linux/mutex.h +@@ -185,7 +185,7 @@ extern void mutex_lock_io(struct mutex * + # define mutex_lock_interruptible_nested(lock, subclass) mutex_lock_interruptible(lock) + # define mutex_lock_killable_nested(lock, subclass) mutex_lock_killable(lock) + # define mutex_lock_nest_lock(lock, nest_lock) mutex_lock(lock) +-# define mutex_lock_io_nested(lock, subclass) mutex_lock(lock) ++# define mutex_lock_io_nested(lock, subclass) mutex_lock_io(lock) + #endif + + /* diff --git a/queue-5.11/series b/queue-5.11/series index 7f4c977ba50..6e555f91ae5 100644 --- a/queue-5.11/series +++ b/queue-5.11/series @@ -236,3 +236,7 @@ block-recalculate-segment-count-for-multi-segment-di.patch scsi-revert-qla2xxx-make-sure-that-aborted-commands-.patch scsi-qedi-fix-error-return-code-of-qedi_alloc_global.patch scsi-mpt3sas-fix-error-return-code-of-mpt3sas_base_a.patch +smb3-fix-cached-file-size-problems-in-duplicate-extents-reflink.patch +cifs-adjust-key-sizes-and-key-generation-routines-for-aes256-encryption.patch +locking-mutex-fix-non-debug-version-of-mutex_lock_io_nested.patch +x86-mem_encrypt-correct-physical-address-calculation-in-__set_clr_pte_enc.patch diff --git a/queue-5.11/smb3-fix-cached-file-size-problems-in-duplicate-extents-reflink.patch b/queue-5.11/smb3-fix-cached-file-size-problems-in-duplicate-extents-reflink.patch new file mode 100644 index 00000000000..088682b2492 --- /dev/null +++ b/queue-5.11/smb3-fix-cached-file-size-problems-in-duplicate-extents-reflink.patch @@ -0,0 +1,63 @@ +From cfc63fc8126a93cbf95379bc4cad79a7b15b6ece Mon Sep 17 00:00:00 2001 +From: Steve French +Date: Fri, 26 Mar 2021 18:41:55 -0500 +Subject: smb3: fix cached file size problems in duplicate extents (reflink) + +From: Steve French + +commit cfc63fc8126a93cbf95379bc4cad79a7b15b6ece upstream. + +There were two problems (one of which could cause data corruption) +that were noticed with duplicate extents (ie reflink) +when debugging why various xfstests were being incorrectly skipped +(e.g. generic/138, generic/140, generic/142). First, we were not +updating the file size locally in the cache when extending a +file due to reflink (it would refresh after actimeo expires) +but xfstest was checking the size immediately which was still +0 so caused the test to be skipped. Second, we were setting +the target file size (which could shrink the file) in all cases +to the end of the reflinked range rather than only setting the +target file size when reflink would extend the file. + +CC: +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman +--- + fs/cifs/smb2ops.c | 18 +++++++++++++++--- + 1 file changed, 15 insertions(+), 3 deletions(-) + +--- a/fs/cifs/smb2ops.c ++++ b/fs/cifs/smb2ops.c +@@ -2007,6 +2007,7 @@ smb2_duplicate_extents(const unsigned in + { + int rc; + unsigned int ret_data_len; ++ struct inode *inode; + struct duplicate_extents_to_file dup_ext_buf; + struct cifs_tcon *tcon = tlink_tcon(trgtfile->tlink); + +@@ -2023,10 +2024,21 @@ smb2_duplicate_extents(const unsigned in + cifs_dbg(FYI, "Duplicate extents: src off %lld dst off %lld len %lld\n", + src_off, dest_off, len); + +- rc = smb2_set_file_size(xid, tcon, trgtfile, dest_off + len, false); +- if (rc) +- goto duplicate_extents_out; ++ inode = d_inode(trgtfile->dentry); ++ if (inode->i_size < dest_off + len) { ++ rc = smb2_set_file_size(xid, tcon, trgtfile, dest_off + len, false); ++ if (rc) ++ goto duplicate_extents_out; + ++ /* ++ * Although also could set plausible allocation size (i_blocks) ++ * here in addition to setting the file size, in reflink ++ * it is likely that the target file is sparse. Its allocation ++ * size will be queried on next revalidate, but it is important ++ * to make sure that file's cached size is updated immediately ++ */ ++ cifs_setsize(inode, dest_off + len); ++ } + rc = SMB2_ioctl(xid, tcon, trgtfile->fid.persistent_fid, + trgtfile->fid.volatile_fid, + FSCTL_DUPLICATE_EXTENTS_TO_FILE, diff --git a/queue-5.11/x86-mem_encrypt-correct-physical-address-calculation-in-__set_clr_pte_enc.patch b/queue-5.11/x86-mem_encrypt-correct-physical-address-calculation-in-__set_clr_pte_enc.patch new file mode 100644 index 00000000000..a5429815643 --- /dev/null +++ b/queue-5.11/x86-mem_encrypt-correct-physical-address-calculation-in-__set_clr_pte_enc.patch @@ -0,0 +1,46 @@ +From 8249d17d3194eac064a8ca5bc5ca0abc86feecde Mon Sep 17 00:00:00 2001 +From: Isaku Yamahata +Date: Thu, 18 Mar 2021 13:26:57 -0700 +Subject: x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() + +From: Isaku Yamahata + +commit 8249d17d3194eac064a8ca5bc5ca0abc86feecde upstream. + +The pfn variable contains the page frame number as returned by the +pXX_pfn() functions, shifted to the right by PAGE_SHIFT to remove the +page bits. After page protection computations are done to it, it gets +shifted back to the physical address using page_level_shift(). + +That is wrong, of course, because that function determines the shift +length based on the level of the page in the page table but in all the +cases, it was shifted by PAGE_SHIFT before. + +Therefore, shift it back using PAGE_SHIFT to get the correct physical +address. + + [ bp: Rewrite commit message. ] + +Fixes: dfaaec9033b8 ("x86: Add support for changing memory encryption attribute in early boot") +Signed-off-by: Isaku Yamahata +Signed-off-by: Borislav Petkov +Reviewed-by: Kirill A. Shutemov +Reviewed-by: Tom Lendacky +Cc: +Link: https://lkml.kernel.org/r/81abbae1657053eccc535c16151f63cd049dcb97.1616098294.git.isaku.yamahata@intel.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/mm/mem_encrypt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/mm/mem_encrypt.c ++++ b/arch/x86/mm/mem_encrypt.c +@@ -262,7 +262,7 @@ static void __init __set_clr_pte_enc(pte + if (pgprot_val(old_prot) == pgprot_val(new_prot)) + return; + +- pa = pfn << page_level_shift(level); ++ pa = pfn << PAGE_SHIFT; + size = page_level_size(level); + + /*