From: Greg Kroah-Hartman Date: Thu, 19 Mar 2026 06:52:12 +0000 (+0100) Subject: 6.12-stable patches X-Git-Tag: v6.18.19~19 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6152439fb859a1d572a9b600b0abe81ee7613fe9;p=thirdparty%2Fkernel%2Fstable-queue.git 6.12-stable patches added patches: ksmbd-compare-macs-in-constant-time.patch net-tcp-md5-fix-mac-comparison-to-be-constant-time.patch smb-client-compare-macs-in-constant-time.patch --- diff --git a/queue-6.12/ksmbd-compare-macs-in-constant-time.patch b/queue-6.12/ksmbd-compare-macs-in-constant-time.patch new file mode 100644 index 0000000000..070e34db73 --- /dev/null +++ b/queue-6.12/ksmbd-compare-macs-in-constant-time.patch @@ -0,0 +1,85 @@ +From stable+bounces-224560-greg=kroah.com@vger.kernel.org Tue Mar 10 20:52:59 2026 +From: Eric Biggers +Date: Tue, 10 Mar 2026 12:52:51 -0700 +Subject: ksmbd: Compare MACs in constant time +To: stable@vger.kernel.org +Cc: linux-crypto@vger.kernel.org, linux-cifs@vger.kernel.org, Eric Biggers , Namjae Jeon , Steve French +Message-ID: <20260310195251.70880-1-ebiggers@kernel.org> + +From: Eric Biggers + +commit c5794709bc9105935dbedef8b9cf9c06f2b559fa upstream. + +To prevent timing attacks, MAC comparisons need to be constant-time. +Replace the memcmp() with the correct function, crypto_memneq(). + +Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3") +Cc: stable@vger.kernel.org +Signed-off-by: Eric Biggers +Acked-by: Namjae Jeon +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman +--- + fs/smb/server/Kconfig | 1 + + fs/smb/server/auth.c | 4 +++- + fs/smb/server/smb2pdu.c | 5 +++-- + 3 files changed, 7 insertions(+), 3 deletions(-) + +--- a/fs/smb/server/Kconfig ++++ b/fs/smb/server/Kconfig +@@ -11,6 +11,7 @@ config SMB_SERVER + select CRYPTO_HMAC + select CRYPTO_ECB + select CRYPTO_LIB_DES ++ select CRYPTO_LIB_UTILS + select CRYPTO_SHA256 + select CRYPTO_CMAC + select CRYPTO_SHA512 +--- a/fs/smb/server/auth.c ++++ b/fs/smb/server/auth.c +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -283,7 +284,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_conn + goto out; + } + +- if (memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE) != 0) ++ if (crypto_memneq(ntlmv2->ntlmv2_hash, ntlmv2_rsp, ++ CIFS_HMAC_MD5_HASH_SIZE)) + rc = -EINVAL; + out: + if (ctx) +--- a/fs/smb/server/smb2pdu.c ++++ b/fs/smb/server/smb2pdu.c +@@ -4,6 +4,7 @@ + * Copyright (C) 2018 Samsung Electronics Co., Ltd. + */ + ++#include + #include + #include + #include +@@ -8825,7 +8826,7 @@ int smb2_check_sign_req(struct ksmbd_wor + signature)) + return 0; + +- if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) { ++ if (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) { + pr_err("bad smb2 signature\n"); + return 0; + } +@@ -8913,7 +8914,7 @@ int smb3_check_sign_req(struct ksmbd_wor + if (ksmbd_sign_smb3_pdu(conn, signing_key, iov, 1, signature)) + return 0; + +- if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) { ++ if (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) { + pr_err("bad smb2 signature\n"); + return 0; + } diff --git a/queue-6.12/net-tcp-md5-fix-mac-comparison-to-be-constant-time.patch b/queue-6.12/net-tcp-md5-fix-mac-comparison-to-be-constant-time.patch new file mode 100644 index 0000000000..2ae48b129a --- /dev/null +++ b/queue-6.12/net-tcp-md5-fix-mac-comparison-to-be-constant-time.patch @@ -0,0 +1,85 @@ +From stable+bounces-224566-greg=kroah.com@vger.kernel.org Tue Mar 10 21:17:26 2026 +From: Eric Biggers +Date: Tue, 10 Mar 2026 13:16:57 -0700 +Subject: net/tcp-md5: Fix MAC comparison to be constant-time +To: stable@vger.kernel.org +Cc: linux-crypto@vger.kernel.org, netdev@vger.kernel.org, Dmitry Safonov <0x7f454c46@gmail.com>, Eric Biggers , Jakub Kicinski +Message-ID: <20260310201657.119992-1-ebiggers@kernel.org> + +From: Eric Biggers + +commit 46d0d6f50dab706637f4c18a470aac20a21900d3 upstream. + +To prevent timing attacks, MACs need to be compared in constant +time. Use the appropriate helper function for this. + +Fixes: cfb6eeb4c860 ("[TCP]: MD5 Signature Option (RFC2385) support.") +Fixes: 658ddaaf6694 ("tcp: md5: RST: getting md5 key from listener") +Cc: stable@vger.kernel.org +Signed-off-by: Eric Biggers +Link: https://patch.msgid.link/20260302203409.13388-1-ebiggers@kernel.org +Signed-off-by: Jakub Kicinski +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv4/tcp.c | 3 ++- + net/ipv4/tcp_ipv4.c | 3 ++- + net/ipv6/tcp_ipv6.c | 3 ++- + 3 files changed, 6 insertions(+), 3 deletions(-) + +--- a/net/ipv4/tcp.c ++++ b/net/ipv4/tcp.c +@@ -244,6 +244,7 @@ + #define pr_fmt(fmt) "TCP: " fmt + + #include ++#include + #include + #include + #include +@@ -4783,7 +4784,7 @@ tcp_inbound_md5_hash(const struct sock * + else + genhash = tp->af_specific->calc_md5_hash(newhash, key, + NULL, skb); +- if (genhash || memcmp(hash_location, newhash, 16) != 0) { ++ if (genhash || crypto_memneq(hash_location, newhash, 16)) { + NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE); + trace_tcp_hash_md5_mismatch(sk, skb); + return SKB_DROP_REASON_TCP_MD5FAILURE; +--- a/net/ipv4/tcp_ipv4.c ++++ b/net/ipv4/tcp_ipv4.c +@@ -82,6 +82,7 @@ + #include + + #include ++#include + #include + + #include +@@ -839,7 +840,7 @@ static void tcp_v4_send_reset(const stru + + + genhash = tcp_v4_md5_hash_skb(newhash, key, NULL, skb); +- if (genhash || memcmp(md5_hash_location, newhash, 16) != 0) ++ if (genhash || crypto_memneq(md5_hash_location, newhash, 16)) + goto out; + + } +--- a/net/ipv6/tcp_ipv6.c ++++ b/net/ipv6/tcp_ipv6.c +@@ -66,6 +66,7 @@ + #include + + #include ++#include + #include + + #include +@@ -1084,7 +1085,7 @@ static void tcp_v6_send_reset(const stru + key.type = TCP_KEY_MD5; + + genhash = tcp_v6_md5_hash_skb(newhash, key.md5_key, NULL, skb); +- if (genhash || memcmp(md5_hash_location, newhash, 16) != 0) ++ if (genhash || crypto_memneq(md5_hash_location, newhash, 16)) + goto out; + } + #endif diff --git a/queue-6.12/series b/queue-6.12/series index 5ef6ffe85e..825f560a0a 100644 --- a/queue-6.12/series +++ b/queue-6.12/series @@ -216,3 +216,6 @@ i3c-mipi-i3c-hci-use-etimedout-instead-of-etime-for-timeout-errors.patch i3c-mipi-i3c-hci-restart-dma-ring-correctly-after-dequeue-abort.patch i3c-mipi-i3c-hci-add-missing-tid-field-to-no-op-command-descriptor.patch drm-bridge-ti-sn65dsi86-add-support-for-displayport-mode-with-hpd.patch +net-tcp-md5-fix-mac-comparison-to-be-constant-time.patch +ksmbd-compare-macs-in-constant-time.patch +smb-client-compare-macs-in-constant-time.patch diff --git a/queue-6.12/smb-client-compare-macs-in-constant-time.patch b/queue-6.12/smb-client-compare-macs-in-constant-time.patch new file mode 100644 index 0000000000..82e789dc0a --- /dev/null +++ b/queue-6.12/smb-client-compare-macs-in-constant-time.patch @@ -0,0 +1,65 @@ +From stable+bounces-224554-greg=kroah.com@vger.kernel.org Tue Mar 10 20:51:01 2026 +From: Eric Biggers +Date: Tue, 10 Mar 2026 12:50:49 -0700 +Subject: smb: client: Compare MACs in constant time +To: stable@vger.kernel.org +Cc: linux-crypto@vger.kernel.org, linux-cifs@vger.kernel.org, Eric Biggers , "Paulo Alcantara (Red Hat)" , Steve French +Message-ID: <20260310195049.70659-1-ebiggers@kernel.org> + +From: Eric Biggers + +commit 26bc83b88bbbf054f0980a4a42047a8d1e210e4c upstream. + +To prevent timing attacks, MAC comparisons need to be constant-time. +Replace the memcmp() with the correct function, crypto_memneq(). + +Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") +Cc: stable@vger.kernel.org +Acked-by: Paulo Alcantara (Red Hat) +Signed-off-by: Eric Biggers +Signed-off-by: Steve French +Signed-off-by: Greg Kroah-Hartman +--- + fs/smb/client/cifsencrypt.c | 3 ++- + fs/smb/client/smb2transport.c | 4 +++- + 2 files changed, 5 insertions(+), 2 deletions(-) + +--- a/fs/smb/client/cifsencrypt.c ++++ b/fs/smb/client/cifsencrypt.c +@@ -24,6 +24,7 @@ + #include + #include "../common/arc4.h" + #include ++#include + + static size_t cifs_shash_step(void *iter_base, size_t progress, size_t len, + void *priv, void *priv2) +@@ -257,7 +258,7 @@ int cifs_verify_signature(struct smb_rqs + /* cifs_dump_mem("what we think it should be: ", + what_we_think_sig_should_be, 16); */ + +- if (memcmp(server_response_sig, what_we_think_sig_should_be, 8)) ++ if (crypto_memneq(server_response_sig, what_we_think_sig_should_be, 8)) + return -EACCES; + else + return 0; +--- a/fs/smb/client/smb2transport.c ++++ b/fs/smb/client/smb2transport.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + #include "cifsglob.h" + #include "cifsproto.h" + #include "smb2proto.h" +@@ -732,7 +733,8 @@ smb2_verify_signature(struct smb_rqst *r + if (rc) + return rc; + +- if (memcmp(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE)) { ++ if (crypto_memneq(server_response_sig, shdr->Signature, ++ SMB2_SIGNATURE_SIZE)) { + cifs_dbg(VFS, "sign fail cmd 0x%x message id 0x%llx\n", + shdr->Command, shdr->MessageId); + return -EACCES;