From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com [209.85.216.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 241843E6DED for ; Thu, 7 May 2026 16:52:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.50 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778172744; cv=none; b=mothEMttRjkh8sbRb8IHNKQ6QeR/77F/OFeR5mcNAaZO9TjsEo3Dl3W0zrdqx7AasdN81ZKoyJkzogibZYA+jXBnNRVVI36zYLPRrrBIcMiD6gI+Cadhi/EZ86+l3O4PtaR1+SvzQTvr0H+zXiC2NNDvNSHuYQ7480DcDuCJDbk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778172744; c=relaxed/simple; bh=QhvtuPuYuRikxrXlvfGt1GYpisVF2O1XfkkjalC53Gw=; h=From:Subject:Date:Message-Id:MIME-Version:Content-Type:To:Cc; b=SchTgqI29oJ+TjKB0/jxOKGWXVaMjMgQ7d+slW0/oJ/pwjSlNzgH6CHig0o9TRsOAAz84QcqiaOGnCIHFbT44n8PeId0O7LLUE8AYaN7Do3AjW/q59LusNBLknkgWfOFKJHsd9ZlFh2u1i6HxYU97wgoJkGySZankaZxmbLIzH0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=IZ8vnqbX; arc=none smtp.client-ip=209.85.216.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="IZ8vnqbX" Received: by mail-pj1-f50.google.com with SMTP id 98e67ed59e1d1-35fb0bb27e7so879118a91.1 for ; Thu, 07 May 2026 09:52:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1778172742; x=1778777542; darn=vger.kernel.org; h=cc:to:content-transfer-encoding:mime-version:message-id:date :subject:from:from:to:cc:subject:date:message-id:reply-to; bh=gHS86kLfvSZEt6u0DRNxMP3AK+yT0cLfftthW3UK2M0=; b=IZ8vnqbX0ySDjCyZnYCi2oTYizpZSy/rVnU90FHeNnXCe/lG4H5VguUR5szRgmVgnn hOI55m1zbS7oJMLKoKeD5HQRxElDZgU3TPDjDfdZTgKIWV8d5Ryuj/8k+5YxhxyV5rZi kPLSokG9f3YNwpKfrrldIUtgixlmT/8s0FScal0JniyqyrkWd8iTp0I5Z0hd1vZo5txc JhP1XByDbBoH3tzyjwpBv+nQW66tIzxjWZ/cMekvkuwQ2saiOdYAWF126Ko3Vv39Kk40 Gf+ygIXEWk7xdvXlGUPQb9QV972j5vx+b/3DWMPVafy1RM3YIWYaEn9d4ms9O44jEfed lERw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778172742; x=1778777542; h=cc:to:content-transfer-encoding:mime-version:message-id:date :subject:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=gHS86kLfvSZEt6u0DRNxMP3AK+yT0cLfftthW3UK2M0=; b=c2g+0Y7yR7QL/PSoLJjylLncQB/JxwSeK1UWcby8rq52f9S/xPVVzuw3Pnfjgb6VAT TysnBxCD+VVYrITwscVTVI+DLNJ/NBdzKRiGeGIiud1pFxcfarA+dxrnf9iXEM/oW8ok N7vjyhBLCmLXnIpG2j3qRvqts4YhLmaWksDhU7oeKNPNQw6gaUdVf6/ednRQsY0kFgJY PA88n26jqQzTWjOWaZt5XcVkbO1/RCw88zG9qMPihPLszcAHIGQFh3C57VPmfQVindQY sv/VRroQqf0RpLqOnP58emyUpzeMXCWA0b5rLr+Yo4PXz6ovDNu4vBuHHzS6XIl8xTRA 4OYg== X-Forwarded-Encrypted: i=1; AFNElJ9ydMp7zxh3csL2UJTjdlWsnB7nzGXJsN6M1q1ZPOR0tLaN1aFEd3ezptULwpZ5uc8HSnpyiQKOofXQQng=@vger.kernel.org X-Gm-Message-State: AOJu0YyvQY/ilhnc9YXKGprLM1NLWfKgxYdTh8MfzLXCZXfxHkOJwJvi FtCwDyLYwfkKuFB5W8qUL5aV7yMayk/he2SvlHFWr7ADNic70o+9viu0 X-Gm-Gg: AeBDiesDfZqgVLyNVoT6plYN8Z75c9WN62ku/+Nc/cNFTTHxGkZkSuZlhplHN32BjEW SwYZWRI6iZOGq+oPqMe0t/+Z+BYzodypRTU3AfOsTGzcUXz5fg7PH6sPddenEtPSExqaRLnjm/w QCTV0Ox4yOBK/mjSAI7Wx/LeoaJgxbZDNSrisXTQdtuo5lN58tEwIegSQGIjKQFShyQtfOH3c4v HkNJzGoKqS71lGJw1MeGHDRZWkNBpMDgaOXLmbZULcPuIn8EKRdErlPdvUAxViqdhA84zALxVrN 8iFHCWgsIoH/e4xAkl3sgAjjB2frQls0NTSGKrc9Y6aEJ+3uFfCub9bFiK0g+FrtY7syZ1LVL+f 8Qh68GmTm4UsApq/gUZ3/I44mMnwrDqX7L16vc6J+UWiQ2jcItSfVgXnD7eLsFHi8zjlK0f7uIS 0Bbj/RCGtuSUZZIBNiJTZ+yjE3OLkATQIsSrk0c9eGEuOCNcFhRA== X-Received: by 2002:a17:90b:3ecd:b0:366:3517:1a98 with SMTP id 98e67ed59e1d1-36635171b07mr1354381a91.0.1778172742408; Thu, 07 May 2026 09:52:22 -0700 (PDT) Received: from localhost ([49.207.150.30]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-365b4bd67b1sm9638608a91.1.2026.05.07.09.52.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 07 May 2026 09:52:21 -0700 (PDT) From: Piyush Sachdeva X-Google-Original-From: Piyush Sachdeva Subject: [PATCH v3 0/2] smb: client: Spec-compliance fixes for Kerberos key derivation Date: Thu, 07 May 2026 22:22:12 +0530 Message-Id: <20260507-kerbmi-v3-0-397ebbb53eff@microsoft.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-B4-Tracking: v=1; b=H4sIAAAAAAAC/zWNQQ6CMBBFr0JmbU0zFQOuvIdhYYepjAZKWiQa0 rtbUJcvef/9BSIH4QinYoHAs0TxQwazK4C663BjJW1mQI1HfcBaPTjYXlRLuioNtVg7giyPgZ2 8ttCl+XJ82jvTtK5Xo5M4+fDenmZcvV/U6H90RqWVtnXlGMv8Vp57oeCjd9OefA9NSukDAbn91 LIAAAA= X-Change-ID: 20260429-kerbmi-dc0853cd29fc To: Steve French , linux-cifs@vger.kernel.org, Shyam Prasad N , Bharath SM , Paulo Alcantara , Ronnie Sahlberg , Tom Talpey Cc: samba-technical@lists.samba.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org, vaibsharma@microsoft.com X-Mailer: b4 0.15.2 X-Developer-Signature: v=1; a=openpgp-sha256; l=3196; i=psachdeva@microsoft.com; h=from:subject:message-id; bh=QhvtuPuYuRikxrXlvfGt1GYpisVF2O1XfkkjalC53Gw=; b=owGbwMvMwCV29FJ3ncRHDT/G02pJDJl/Djt29ets/C4cHbakV6Ptv5ByCLPywWLreA9z4eML9 KJebz7dMZGFQYyLwVJMkWXDiTuyvPG7JOd9emIEM4eVCWSItEgDAxCwMPDlJuaVGukY6ZlqG+oZ GukY6BgzcHEKwFRrTGJkmL5nbW9+q87HpdH5Gr17C1T+v/k2eTlbEKfbJwt7td2rtzEynKn8cSI rwac1bWFr6Oy59+Q9pi9UZUgVfyW3hnt6NIc6IwA= X-Developer-Key: i=psachdeva@microsoft.com; a=openpgp; fpr=80350F71F916134953C3EB979E19C6F9839C3CFC This series fixes two MS-SMB2 section 3.2.5.3 spec violations in the Kerberos session key handling path of fs/smb/client. Patch 1/2 (resend of v1 with a small cleanup folded in) fixes the AES-256 mount failure with sec=krb5: encryption and decryption key derivation must use Session.FullSessionKey (the full Kerberos session key, typically 32 bytes for the aes256-cts-hmac-sha1-96 enctype) instead of Session.SessionKey (the first 16 bytes). Patch 2/2 closes the related corner case in the same section of the spec: when the GSS protocol returns a session key shorter than 16 bytes, the buffer must be right-padded with zero bytes. The current code copies the GSS key verbatim, which causes generate_key() to read past the end of the allocated buffer and derive keys that do not match the server. The trigger is deprecated short-key Kerberos enctypes (e.g. single-DES, 8-byte session key); modern KDCs disable these by default, so this is a latent issue rather than a reachable one, but it is still a kernel slab over-read and a literal spec violation. Verified against Azure Files (AES-256-GCM + Kerberos aes256-cts) which previously failed to mount with EAGAIN; the dmesg "Session Key" trace under CONFIG_CIFS_DEBUG_DUMP_KEYS now shows the full 32-byte session key being used for encryption/decryption KDF input. Link: https://lore.kernel.org/linux-cifs/20260409161538.3618-1-s.piyush1024@gmail.com/ Changes since v2: - Patch 1/2: cast ses->auth_key.len to int when used as field width for "%*ph" in the CONFIG_CIFS_DEBUG_DUMP_KEYS dump, fixing a -Wformat warning. Reported by Sashiko. Changes since v1: - Patch 1/2: initialize full_key_size at declaration to silence -Wmaybe-uninitialized on some toolchains, and drop the now- redundant else branch (self-review). - Patch 1/2: tighten the FullSessionKey condition to also require Connection.Dialect == "3.1.1", matching MS-SMB2 3.2.5.3.1 verbatim. - New patch 2/2: zero-pad short GSS session keys per MS-SMB2 3.2.5.3, eliminating a latent slab over-read in generate_key(). Signed-off-by: Piyush Sachdeva Signed-off-by: Piyush Sachdeva --- To: Steve French To: Paulo Alcantara To: Ronnie Sahlberg To: Shyam Prasad N To: Tom Talpey To: Bharath SM Cc: linux-cifs@vger.kernel.org Cc: stable@vger.kernel.org Cc: samba-technical@lists.samba.org Cc: linux-kernel@vger.kernel.org Cc: vaibsharma@microsoft.com --- Piyush Sachdeva (2): smb: client: Use FullSessionKey for AES-256 encryption key derivation smb: client: Zero-pad short GSS session keys per MS-SMB2 fs/smb/client/ioctl.c | 2 +- fs/smb/client/smb2pdu.c | 23 ++++++++++++++++++----- fs/smb/client/smb2transport.c | 35 ++++++++++++++++++++++++++--------- 3 files changed, 45 insertions(+), 15 deletions(-) --- base-commit: 0cbc300257d9b399491909806777f504ec687c1d change-id: 20260429-kerbmi-dc0853cd29fc Best regards, -- Piyush Sachdeva