drop queue-5.15/ksmbd-compare-macs-in-constant-time.patch

diff --git a/queue-5.15/ksmbd-compare-macs-in-constant-time.patch b/queue-5.15/ksmbd-compare-macs-in-constant-time.patch
deleted file mode 100644 (file)
index 16501b9..0000000
--- a/queue-5.15/ksmbd-compare-macs-in-constant-time.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From c5794709bc9105935dbedef8b9cf9c06f2b559fa Mon Sep 17 00:00:00 2001
-From: Eric Biggers <ebiggers@kernel.org>
-Date: Tue, 17 Feb 2026 20:28:29 -0800
-Subject: ksmbd: Compare MACs in constant time
-
-From: Eric Biggers <ebiggers@kernel.org>
-
-commit c5794709bc9105935dbedef8b9cf9c06f2b559fa upstream.
-
-To prevent timing attacks, MAC comparisons need to be constant-time.
-Replace the memcmp() with the correct function, crypto_memneq().
-
-Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
-Cc: stable@vger.kernel.org
-Signed-off-by: Eric Biggers <ebiggers@kernel.org>
-Acked-by: Namjae Jeon <linkinjeon@kernel.org>
-Signed-off-by: Steve French <stfrench@microsoft.com>
-Signed-off-by: Rajani Kantha <681739313@139.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/ksmbd/Kconfig   |    1 +
- fs/ksmbd/auth.c    |    4 +++-
- fs/ksmbd/smb2pdu.c |    5 +++--
- 3 files changed, 7 insertions(+), 3 deletions(-)
-
---- a/fs/ksmbd/Kconfig
-+++ b/fs/ksmbd/Kconfig
-@@ -10,6 +10,7 @@ config SMB_SERVER
-       select CRYPTO_HMAC
-       select CRYPTO_ECB
-       select CRYPTO_LIB_DES
-+      select CRYPTO_LIB_UTILS
-       select CRYPTO_SHA256
-       select CRYPTO_CMAC
-       select CRYPTO_SHA512
---- a/fs/ksmbd/auth.c
-+++ b/fs/ksmbd/auth.c
-@@ -13,6 +13,7 @@
- #include <linux/xattr.h>
- #include <crypto/hash.h>
- #include <crypto/aead.h>
-+#include <crypto/utils.h>
- #include <linux/random.h>
- #include <linux/scatterlist.h>
- 
-@@ -281,7 +282,8 @@ int ksmbd_auth_ntlmv2(struct ksmbd_conn
-               goto out;
-       }
- 
--      if (memcmp(ntlmv2->ntlmv2_hash, ntlmv2_rsp, CIFS_HMAC_MD5_HASH_SIZE) != 0)
-+      if (crypto_memneq(ntlmv2->ntlmv2_hash, ntlmv2_rsp,
-+                        CIFS_HMAC_MD5_HASH_SIZE))
-               rc = -EINVAL;
- out:
-       if (ctx)
---- a/fs/ksmbd/smb2pdu.c
-+++ b/fs/ksmbd/smb2pdu.c
-@@ -4,6 +4,7 @@
-  *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
-  */
- 
-+#include <crypto/utils.h>
- #include <linux/inetdevice.h>
- #include <net/addrconf.h>
- #include <linux/syscalls.h>
-@@ -8440,7 +8441,7 @@ int smb2_check_sign_req(struct ksmbd_wor
-                               signature))
-               return 0;
- 
--      if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
-+      if (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
-               pr_err("bad smb2 signature\n");
-               return 0;
-       }
-@@ -8528,7 +8529,7 @@ int smb3_check_sign_req(struct ksmbd_wor
-       if (ksmbd_sign_smb3_pdu(conn, signing_key, iov, 1, signature))
-               return 0;
- 
--      if (memcmp(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
-+      if (crypto_memneq(signature, signature_req, SMB2_SIGNATURE_SIZE)) {
-               pr_err("bad smb2 signature\n");
-               return 0;
-       }

diff --git a/queue-5.15/series b/queue-5.15/series
index 37f6671c6d3edfa6b36415acf12fe1d87aa6b498..8a93d35375e0aba84592a49afb91b3cc7b2c5dcb 100644 (file)
--- a/queue-5.15/series
+++ b/queue-5.15/series
@@ -247,7 +247,6 @@ fs-fcntl-fix-softirq-unsafe-lock-order-in-fasync-signaling.patch
 mm-damon-ops-common-call-folio_test_lru-after-folio_.patch
 io_uring-poll-fix-signed-comparison-in-io_poll_get_ownership.patch
 net-tcp-md5-fix-mac-comparison-to-be-constant-time.patch
-ksmbd-compare-macs-in-constant-time.patch
 lib-crypto-mpi-fix-integer-underflow-in-mpi_read_raw_from_sgl.patch
 f2fs-fix-to-do-sanity-check-on-dcc-discard_cmd_cnt-conditionally.patch
 f2fs-fix-uaf-caused-by-decrementing-sbi-nr_pages-in-f2fs_write_end_io.patch