| Message ID | 20190215184202.5537-1-smayhew@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | sunrpc: fix 4 more call sites that were using stack memory with a scatterlist | expand |
Thanks! Applying for 5.0 and stable. --b. On Fri, Feb 15, 2019 at 01:42:02PM -0500, Scott Mayhew wrote: > While trying to reproduce a reported kernel panic on arm64, I discovered > that AUTH_GSS basically doesn't work at all with older enctypes on arm64 > systems with CONFIG_VMAP_STACK enabled. It turns out there still a few > places using stack memory with scatterlists, causing krb5_encrypt() and > krb5_decrypt() to produce incorrect results (or a BUG if CONFIG_DEBUG_SG > is enabled). > > Tested with cthon on v4.0/v4.1/v4.2 with krb5/krb5i/krb5p using > des3-cbc-sha1 and arcfour-hmac-md5. > > Signed-off-by: Scott Mayhew <smayhew@redhat.com> > --- > net/sunrpc/auth_gss/gss_krb5_seqnum.c | 49 +++++++++++++++++++++------ > 1 file changed, 38 insertions(+), 11 deletions(-) > > diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c > index fb6656295204..507105127095 100644 > --- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c > +++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c > @@ -44,7 +44,7 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum, > unsigned char *cksum, unsigned char *buf) > { > struct crypto_sync_skcipher *cipher; > - unsigned char plain[8]; > + unsigned char *plain; > s32 code; > > dprintk("RPC: %s:\n", __func__); > @@ -52,6 +52,10 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum, > if (IS_ERR(cipher)) > return PTR_ERR(cipher); > > + plain = kmalloc(8, GFP_NOFS); > + if (!plain) > + return -ENOMEM; > + > plain[0] = (unsigned char) ((seqnum >> 24) & 0xff); > plain[1] = (unsigned char) ((seqnum >> 16) & 0xff); > plain[2] = (unsigned char) ((seqnum >> 8) & 0xff); > @@ -67,6 +71,7 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum, > > code = krb5_encrypt(cipher, cksum, plain, buf, 8); > out: > + kfree(plain); > crypto_free_sync_skcipher(cipher); > return code; > } > @@ -77,12 +82,17 @@ krb5_make_seq_num(struct krb5_ctx *kctx, > u32 seqnum, > unsigned char *cksum, unsigned char *buf) > { > - unsigned char plain[8]; > + unsigned char *plain; > + s32 code; > > if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC) > return krb5_make_rc4_seq_num(kctx, direction, seqnum, > cksum, buf); > > + plain = kmalloc(8, GFP_NOFS); > + if (!plain) > + return -ENOMEM; > + > plain[0] = (unsigned char) (seqnum & 0xff); > plain[1] = (unsigned char) ((seqnum >> 8) & 0xff); > plain[2] = (unsigned char) ((seqnum >> 16) & 0xff); > @@ -93,7 +103,9 @@ krb5_make_seq_num(struct krb5_ctx *kctx, > plain[6] = direction; > plain[7] = direction; > > - return krb5_encrypt(key, cksum, plain, buf, 8); > + code = krb5_encrypt(key, cksum, plain, buf, 8); > + kfree(plain); > + return code; > } > > static s32 > @@ -101,7 +113,7 @@ krb5_get_rc4_seq_num(struct krb5_ctx *kctx, unsigned char *cksum, > unsigned char *buf, int *direction, s32 *seqnum) > { > struct crypto_sync_skcipher *cipher; > - unsigned char plain[8]; > + unsigned char *plain; > s32 code; > > dprintk("RPC: %s:\n", __func__); > @@ -113,20 +125,28 @@ krb5_get_rc4_seq_num(struct krb5_ctx *kctx, unsigned char *cksum, > if (code) > goto out; > > + plain = kmalloc(8, GFP_NOFS); > + if (!plain) { > + code = -ENOMEM; > + goto out; > + } > + > code = krb5_decrypt(cipher, cksum, buf, plain, 8); > if (code) > - goto out; > + goto out_plain; > > if ((plain[4] != plain[5]) || (plain[4] != plain[6]) > || (plain[4] != plain[7])) { > code = (s32)KG_BAD_SEQ; > - goto out; > + goto out_plain; > } > > *direction = plain[4]; > > *seqnum = ((plain[0] << 24) | (plain[1] << 16) | > (plain[2] << 8) | (plain[3])); > +out_plain: > + kfree(plain); > out: > crypto_free_sync_skcipher(cipher); > return code; > @@ -139,7 +159,7 @@ krb5_get_seq_num(struct krb5_ctx *kctx, > int *direction, u32 *seqnum) > { > s32 code; > - unsigned char plain[8]; > + unsigned char *plain; > struct crypto_sync_skcipher *key = kctx->seq; > > dprintk("RPC: krb5_get_seq_num:\n"); > @@ -147,18 +167,25 @@ krb5_get_seq_num(struct krb5_ctx *kctx, > if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC) > return krb5_get_rc4_seq_num(kctx, cksum, buf, > direction, seqnum); > + plain = kmalloc(8, GFP_NOFS); > + if (!plain) > + return -ENOMEM; > > if ((code = krb5_decrypt(key, cksum, buf, plain, 8))) > - return code; > + goto out; > > if ((plain[4] != plain[5]) || (plain[4] != plain[6]) || > - (plain[4] != plain[7])) > - return (s32)KG_BAD_SEQ; > + (plain[4] != plain[7])) { > + code = (s32)KG_BAD_SEQ; > + goto out; > + } > > *direction = plain[4]; > > *seqnum = ((plain[0]) | > (plain[1] << 8) | (plain[2] << 16) | (plain[3] << 24)); > > - return 0; > +out: > + kfree(plain); > + return code; > } > -- > 2.17.2
diff --git a/net/sunrpc/auth_gss/gss_krb5_seqnum.c b/net/sunrpc/auth_gss/gss_krb5_seqnum.c index fb6656295204..507105127095 100644 --- a/net/sunrpc/auth_gss/gss_krb5_seqnum.c +++ b/net/sunrpc/auth_gss/gss_krb5_seqnum.c @@ -44,7 +44,7 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum, unsigned char *cksum, unsigned char *buf) { struct crypto_sync_skcipher *cipher; - unsigned char plain[8]; + unsigned char *plain; s32 code; dprintk("RPC: %s:\n", __func__); @@ -52,6 +52,10 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum, if (IS_ERR(cipher)) return PTR_ERR(cipher); + plain = kmalloc(8, GFP_NOFS); + if (!plain) + return -ENOMEM; + plain[0] = (unsigned char) ((seqnum >> 24) & 0xff); plain[1] = (unsigned char) ((seqnum >> 16) & 0xff); plain[2] = (unsigned char) ((seqnum >> 8) & 0xff); @@ -67,6 +71,7 @@ krb5_make_rc4_seq_num(struct krb5_ctx *kctx, int direction, s32 seqnum, code = krb5_encrypt(cipher, cksum, plain, buf, 8); out: + kfree(plain); crypto_free_sync_skcipher(cipher); return code; } @@ -77,12 +82,17 @@ krb5_make_seq_num(struct krb5_ctx *kctx, u32 seqnum, unsigned char *cksum, unsigned char *buf) { - unsigned char plain[8]; + unsigned char *plain; + s32 code; if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC) return krb5_make_rc4_seq_num(kctx, direction, seqnum, cksum, buf); + plain = kmalloc(8, GFP_NOFS); + if (!plain) + return -ENOMEM; + plain[0] = (unsigned char) (seqnum & 0xff); plain[1] = (unsigned char) ((seqnum >> 8) & 0xff); plain[2] = (unsigned char) ((seqnum >> 16) & 0xff); @@ -93,7 +103,9 @@ krb5_make_seq_num(struct krb5_ctx *kctx, plain[6] = direction; plain[7] = direction; - return krb5_encrypt(key, cksum, plain, buf, 8); + code = krb5_encrypt(key, cksum, plain, buf, 8); + kfree(plain); + return code; } static s32 @@ -101,7 +113,7 @@ krb5_get_rc4_seq_num(struct krb5_ctx *kctx, unsigned char *cksum, unsigned char *buf, int *direction, s32 *seqnum) { struct crypto_sync_skcipher *cipher; - unsigned char plain[8]; + unsigned char *plain; s32 code; dprintk("RPC: %s:\n", __func__); @@ -113,20 +125,28 @@ krb5_get_rc4_seq_num(struct krb5_ctx *kctx, unsigned char *cksum, if (code) goto out; + plain = kmalloc(8, GFP_NOFS); + if (!plain) { + code = -ENOMEM; + goto out; + } + code = krb5_decrypt(cipher, cksum, buf, plain, 8); if (code) - goto out; + goto out_plain; if ((plain[4] != plain[5]) || (plain[4] != plain[6]) || (plain[4] != plain[7])) { code = (s32)KG_BAD_SEQ; - goto out; + goto out_plain; } *direction = plain[4]; *seqnum = ((plain[0] << 24) | (plain[1] << 16) | (plain[2] << 8) | (plain[3])); +out_plain: + kfree(plain); out: crypto_free_sync_skcipher(cipher); return code; @@ -139,7 +159,7 @@ krb5_get_seq_num(struct krb5_ctx *kctx, int *direction, u32 *seqnum) { s32 code; - unsigned char plain[8]; + unsigned char *plain; struct crypto_sync_skcipher *key = kctx->seq; dprintk("RPC: krb5_get_seq_num:\n"); @@ -147,18 +167,25 @@ krb5_get_seq_num(struct krb5_ctx *kctx, if (kctx->enctype == ENCTYPE_ARCFOUR_HMAC) return krb5_get_rc4_seq_num(kctx, cksum, buf, direction, seqnum); + plain = kmalloc(8, GFP_NOFS); + if (!plain) + return -ENOMEM; if ((code = krb5_decrypt(key, cksum, buf, plain, 8))) - return code; + goto out; if ((plain[4] != plain[5]) || (plain[4] != plain[6]) || - (plain[4] != plain[7])) - return (s32)KG_BAD_SEQ; + (plain[4] != plain[7])) { + code = (s32)KG_BAD_SEQ; + goto out; + } *direction = plain[4]; *seqnum = ((plain[0]) | (plain[1] << 8) | (plain[2] << 16) | (plain[3] << 24)); - return 0; +out: + kfree(plain); + return code; }
While trying to reproduce a reported kernel panic on arm64, I discovered that AUTH_GSS basically doesn't work at all with older enctypes on arm64 systems with CONFIG_VMAP_STACK enabled. It turns out there still a few places using stack memory with scatterlists, causing krb5_encrypt() and krb5_decrypt() to produce incorrect results (or a BUG if CONFIG_DEBUG_SG is enabled). Tested with cthon on v4.0/v4.1/v4.2 with krb5/krb5i/krb5p using des3-cbc-sha1 and arcfour-hmac-md5. Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- net/sunrpc/auth_gss/gss_krb5_seqnum.c | 49 +++++++++++++++++++++------ 1 file changed, 38 insertions(+), 11 deletions(-)