diff options
Diffstat (limited to 'net/rxrpc/rxkad.c')
-rw-r--r-- | net/rxrpc/rxkad.c | 66 |
1 files changed, 33 insertions, 33 deletions
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index ac3cabdca78c..eebefb6ef139 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c | |||
@@ -135,9 +135,8 @@ static void rxkad_prime_packet_security(struct rxrpc_connection *conn) | |||
135 | tmpbuf.x[2] = 0; | 135 | tmpbuf.x[2] = 0; |
136 | tmpbuf.x[3] = htonl(conn->security_ix); | 136 | tmpbuf.x[3] = htonl(conn->security_ix); |
137 | 137 | ||
138 | memset(sg, 0, sizeof(sg)); | 138 | sg_init_one(&sg[0], &tmpbuf, sizeof(tmpbuf)); |
139 | sg_set_buf(&sg[0], &tmpbuf, sizeof(tmpbuf)); | 139 | sg_init_one(&sg[1], &tmpbuf, sizeof(tmpbuf)); |
140 | sg_set_buf(&sg[1], &tmpbuf, sizeof(tmpbuf)); | ||
141 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); | 140 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); |
142 | 141 | ||
143 | memcpy(&conn->csum_iv, &tmpbuf.x[2], sizeof(conn->csum_iv)); | 142 | memcpy(&conn->csum_iv, &tmpbuf.x[2], sizeof(conn->csum_iv)); |
@@ -180,9 +179,8 @@ static int rxkad_secure_packet_auth(const struct rxrpc_call *call, | |||
180 | desc.info = iv.x; | 179 | desc.info = iv.x; |
181 | desc.flags = 0; | 180 | desc.flags = 0; |
182 | 181 | ||
183 | memset(sg, 0, sizeof(sg)); | 182 | sg_init_one(&sg[0], &tmpbuf, sizeof(tmpbuf)); |
184 | sg_set_buf(&sg[0], &tmpbuf, sizeof(tmpbuf)); | 183 | sg_init_one(&sg[1], &tmpbuf, sizeof(tmpbuf)); |
185 | sg_set_buf(&sg[1], &tmpbuf, sizeof(tmpbuf)); | ||
186 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); | 184 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); |
187 | 185 | ||
188 | memcpy(sechdr, &tmpbuf, sizeof(tmpbuf)); | 186 | memcpy(sechdr, &tmpbuf, sizeof(tmpbuf)); |
@@ -227,9 +225,8 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call, | |||
227 | desc.info = iv.x; | 225 | desc.info = iv.x; |
228 | desc.flags = 0; | 226 | desc.flags = 0; |
229 | 227 | ||
230 | memset(sg, 0, sizeof(sg[0]) * 2); | 228 | sg_init_one(&sg[0], sechdr, sizeof(rxkhdr)); |
231 | sg_set_buf(&sg[0], sechdr, sizeof(rxkhdr)); | 229 | sg_init_one(&sg[1], &rxkhdr, sizeof(rxkhdr)); |
232 | sg_set_buf(&sg[1], &rxkhdr, sizeof(rxkhdr)); | ||
233 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(rxkhdr)); | 230 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(rxkhdr)); |
234 | 231 | ||
235 | /* we want to encrypt the skbuff in-place */ | 232 | /* we want to encrypt the skbuff in-place */ |
@@ -240,7 +237,7 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call, | |||
240 | len = data_size + call->conn->size_align - 1; | 237 | len = data_size + call->conn->size_align - 1; |
241 | len &= ~(call->conn->size_align - 1); | 238 | len &= ~(call->conn->size_align - 1); |
242 | 239 | ||
243 | skb_to_sgvec(skb, sg, 0, len); | 240 | sg_init_table(sg, skb_to_sgvec(skb, sg, 0, len)); |
244 | crypto_blkcipher_encrypt_iv(&desc, sg, sg, len); | 241 | crypto_blkcipher_encrypt_iv(&desc, sg, sg, len); |
245 | 242 | ||
246 | _leave(" = 0"); | 243 | _leave(" = 0"); |
@@ -290,9 +287,8 @@ static int rxkad_secure_packet(const struct rxrpc_call *call, | |||
290 | tmpbuf.x[0] = sp->hdr.callNumber; | 287 | tmpbuf.x[0] = sp->hdr.callNumber; |
291 | tmpbuf.x[1] = x; | 288 | tmpbuf.x[1] = x; |
292 | 289 | ||
293 | memset(&sg, 0, sizeof(sg)); | 290 | sg_init_one(&sg[0], &tmpbuf, sizeof(tmpbuf)); |
294 | sg_set_buf(&sg[0], &tmpbuf, sizeof(tmpbuf)); | 291 | sg_init_one(&sg[1], &tmpbuf, sizeof(tmpbuf)); |
295 | sg_set_buf(&sg[1], &tmpbuf, sizeof(tmpbuf)); | ||
296 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); | 292 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); |
297 | 293 | ||
298 | x = ntohl(tmpbuf.x[1]); | 294 | x = ntohl(tmpbuf.x[1]); |
@@ -332,20 +328,23 @@ static int rxkad_verify_packet_auth(const struct rxrpc_call *call, | |||
332 | struct rxrpc_skb_priv *sp; | 328 | struct rxrpc_skb_priv *sp; |
333 | struct blkcipher_desc desc; | 329 | struct blkcipher_desc desc; |
334 | struct rxrpc_crypt iv; | 330 | struct rxrpc_crypt iv; |
335 | struct scatterlist sg[2]; | 331 | struct scatterlist sg[16]; |
336 | struct sk_buff *trailer; | 332 | struct sk_buff *trailer; |
337 | u32 data_size, buf; | 333 | u32 data_size, buf; |
338 | u16 check; | 334 | u16 check; |
335 | int nsg; | ||
339 | 336 | ||
340 | _enter(""); | 337 | _enter(""); |
341 | 338 | ||
342 | sp = rxrpc_skb(skb); | 339 | sp = rxrpc_skb(skb); |
343 | 340 | ||
344 | /* we want to decrypt the skbuff in-place */ | 341 | /* we want to decrypt the skbuff in-place */ |
345 | if (skb_cow_data(skb, 0, &trailer) < 0) | 342 | nsg = skb_cow_data(skb, 0, &trailer); |
343 | if (nsg < 0 || nsg > 16) | ||
346 | goto nomem; | 344 | goto nomem; |
347 | 345 | ||
348 | skb_to_sgvec(skb, sg, 0, 8); | 346 | sg_init_table(sg, nsg); |
347 | sg_mark_end(sg, skb_to_sgvec(skb, sg, 0, 8)); | ||
349 | 348 | ||
350 | /* start the decryption afresh */ | 349 | /* start the decryption afresh */ |
351 | memset(&iv, 0, sizeof(iv)); | 350 | memset(&iv, 0, sizeof(iv)); |
@@ -426,7 +425,8 @@ static int rxkad_verify_packet_encrypt(const struct rxrpc_call *call, | |||
426 | goto nomem; | 425 | goto nomem; |
427 | } | 426 | } |
428 | 427 | ||
429 | skb_to_sgvec(skb, sg, 0, skb->len); | 428 | sg_init_table(sg, nsg); |
429 | sg_mark_end(sg, skb_to_sgvec(skb, sg, 0, skb->len)); | ||
430 | 430 | ||
431 | /* decrypt from the session key */ | 431 | /* decrypt from the session key */ |
432 | payload = call->conn->key->payload.data; | 432 | payload = call->conn->key->payload.data; |
@@ -521,9 +521,8 @@ static int rxkad_verify_packet(const struct rxrpc_call *call, | |||
521 | tmpbuf.x[0] = call->call_id; | 521 | tmpbuf.x[0] = call->call_id; |
522 | tmpbuf.x[1] = x; | 522 | tmpbuf.x[1] = x; |
523 | 523 | ||
524 | memset(&sg, 0, sizeof(sg)); | 524 | sg_init_one(&sg[0], &tmpbuf, sizeof(tmpbuf)); |
525 | sg_set_buf(&sg[0], &tmpbuf, sizeof(tmpbuf)); | 525 | sg_init_one(&sg[1], &tmpbuf, sizeof(tmpbuf)); |
526 | sg_set_buf(&sg[1], &tmpbuf, sizeof(tmpbuf)); | ||
527 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); | 526 | crypto_blkcipher_encrypt_iv(&desc, &sg[0], &sg[1], sizeof(tmpbuf)); |
528 | 527 | ||
529 | x = ntohl(tmpbuf.x[1]); | 528 | x = ntohl(tmpbuf.x[1]); |
@@ -690,16 +689,20 @@ static void rxkad_calc_response_checksum(struct rxkad_response *response) | |||
690 | static void rxkad_sg_set_buf2(struct scatterlist sg[2], | 689 | static void rxkad_sg_set_buf2(struct scatterlist sg[2], |
691 | void *buf, size_t buflen) | 690 | void *buf, size_t buflen) |
692 | { | 691 | { |
692 | int nsg = 1; | ||
693 | 693 | ||
694 | memset(sg, 0, sizeof(sg)); | 694 | sg_init_table(sg, 2); |
695 | 695 | ||
696 | sg_set_buf(&sg[0], buf, buflen); | 696 | sg_set_buf(&sg[0], buf, buflen); |
697 | if (sg[0].offset + buflen > PAGE_SIZE) { | 697 | if (sg[0].offset + buflen > PAGE_SIZE) { |
698 | /* the buffer was split over two pages */ | 698 | /* the buffer was split over two pages */ |
699 | sg[0].length = PAGE_SIZE - sg[0].offset; | 699 | sg[0].length = PAGE_SIZE - sg[0].offset; |
700 | sg_set_buf(&sg[1], buf + sg[0].length, buflen - sg[0].length); | 700 | sg_set_buf(&sg[1], buf + sg[0].length, buflen - sg[0].length); |
701 | nsg++; | ||
701 | } | 702 | } |
702 | 703 | ||
704 | sg_mark_end(sg, nsg); | ||
705 | |||
703 | ASSERTCMP(sg[0].length + sg[1].length, ==, buflen); | 706 | ASSERTCMP(sg[0].length + sg[1].length, ==, buflen); |
704 | } | 707 | } |
705 | 708 | ||
@@ -712,7 +715,7 @@ static void rxkad_encrypt_response(struct rxrpc_connection *conn, | |||
712 | { | 715 | { |
713 | struct blkcipher_desc desc; | 716 | struct blkcipher_desc desc; |
714 | struct rxrpc_crypt iv; | 717 | struct rxrpc_crypt iv; |
715 | struct scatterlist ssg[2], dsg[2]; | 718 | struct scatterlist sg[2]; |
716 | 719 | ||
717 | /* continue encrypting from where we left off */ | 720 | /* continue encrypting from where we left off */ |
718 | memcpy(&iv, s2->session_key, sizeof(iv)); | 721 | memcpy(&iv, s2->session_key, sizeof(iv)); |
@@ -720,9 +723,8 @@ static void rxkad_encrypt_response(struct rxrpc_connection *conn, | |||
720 | desc.info = iv.x; | 723 | desc.info = iv.x; |
721 | desc.flags = 0; | 724 | desc.flags = 0; |
722 | 725 | ||
723 | rxkad_sg_set_buf2(ssg, &resp->encrypted, sizeof(resp->encrypted)); | 726 | rxkad_sg_set_buf2(sg, &resp->encrypted, sizeof(resp->encrypted)); |
724 | memcpy(dsg, ssg, sizeof(dsg)); | 727 | crypto_blkcipher_encrypt_iv(&desc, sg, sg, sizeof(resp->encrypted)); |
725 | crypto_blkcipher_encrypt_iv(&desc, dsg, ssg, sizeof(resp->encrypted)); | ||
726 | } | 728 | } |
727 | 729 | ||
728 | /* | 730 | /* |
@@ -817,7 +819,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, | |||
817 | { | 819 | { |
818 | struct blkcipher_desc desc; | 820 | struct blkcipher_desc desc; |
819 | struct rxrpc_crypt iv, key; | 821 | struct rxrpc_crypt iv, key; |
820 | struct scatterlist ssg[1], dsg[1]; | 822 | struct scatterlist sg[1]; |
821 | struct in_addr addr; | 823 | struct in_addr addr; |
822 | unsigned life; | 824 | unsigned life; |
823 | time_t issue, now; | 825 | time_t issue, now; |
@@ -850,9 +852,8 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, | |||
850 | desc.info = iv.x; | 852 | desc.info = iv.x; |
851 | desc.flags = 0; | 853 | desc.flags = 0; |
852 | 854 | ||
853 | sg_init_one(&ssg[0], ticket, ticket_len); | 855 | sg_init_one(&sg[0], ticket, ticket_len); |
854 | memcpy(dsg, ssg, sizeof(dsg)); | 856 | crypto_blkcipher_decrypt_iv(&desc, sg, sg, ticket_len); |
855 | crypto_blkcipher_decrypt_iv(&desc, dsg, ssg, ticket_len); | ||
856 | 857 | ||
857 | p = ticket; | 858 | p = ticket; |
858 | end = p + ticket_len; | 859 | end = p + ticket_len; |
@@ -961,7 +962,7 @@ static void rxkad_decrypt_response(struct rxrpc_connection *conn, | |||
961 | const struct rxrpc_crypt *session_key) | 962 | const struct rxrpc_crypt *session_key) |
962 | { | 963 | { |
963 | struct blkcipher_desc desc; | 964 | struct blkcipher_desc desc; |
964 | struct scatterlist ssg[2], dsg[2]; | 965 | struct scatterlist sg[2]; |
965 | struct rxrpc_crypt iv; | 966 | struct rxrpc_crypt iv; |
966 | 967 | ||
967 | _enter(",,%08x%08x", | 968 | _enter(",,%08x%08x", |
@@ -979,9 +980,8 @@ static void rxkad_decrypt_response(struct rxrpc_connection *conn, | |||
979 | desc.info = iv.x; | 980 | desc.info = iv.x; |
980 | desc.flags = 0; | 981 | desc.flags = 0; |
981 | 982 | ||
982 | rxkad_sg_set_buf2(ssg, &resp->encrypted, sizeof(resp->encrypted)); | 983 | rxkad_sg_set_buf2(sg, &resp->encrypted, sizeof(resp->encrypted)); |
983 | memcpy(dsg, ssg, sizeof(dsg)); | 984 | crypto_blkcipher_decrypt_iv(&desc, sg, sg, sizeof(resp->encrypted)); |
984 | crypto_blkcipher_decrypt_iv(&desc, dsg, ssg, sizeof(resp->encrypted)); | ||
985 | mutex_unlock(&rxkad_ci_mutex); | 985 | mutex_unlock(&rxkad_ci_mutex); |
986 | 986 | ||
987 | _leave(""); | 987 | _leave(""); |