[PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset
@ 2025-04-28 10:22 David Howells
  2025-04-28 11:19 ` Herbert Xu
  2025-04-29 19:10 ` patchwork-bot+netdevbpf
  0 siblings, 2 replies; 3+ messages in thread
From: David Howells @ 2025-04-28 10:22 UTC (permalink / raw)
  To: netdev, Herbert Xu
  Cc: dhowells, Marc Dionne, Jakub Kicinski, David S. Miller,
	Chuck Lever, Eric Dumazet, Paolo Abeni, Simon Horman, linux-afs,
	linux-nfs, linux-crypto, linux-kernel

[Note: Nothing in linus/master uses the krb5lib, though the bug is there,
 but it is used by AF_RXRPC's RxGK implementation in net-next, so can it go
 through the net-next tree rather than directly to Linus or through
 crypto?]

The recent patch to make the rfc3961 simplified code use sg_miter rather
than manually walking the scatterlist to hash the contents of a buffer
described by that scatterlist failed to take the starting offset into
account.

This is indicated by the selftests reporting:

    krb5: Running aes128-cts-hmac-sha256-128 mic
    krb5: !!! TESTFAIL crypto/krb5/selftest.c:446
    krb5: MIC mismatch

Fix this by calling sg_miter_skip() before doing the loop to advance by the
offset.

This only affects packet signing modes and not full encryption in RxGK
because, for full encryption, the message digest is handled inside the
authenc and krb5enc drivers.

Fixes: da6f9bf40ac2 ("crypto: krb5 - Use SG miter instead of doing it by hand")
Reported-by: Marc Dionne <marc.dionne@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: "David S. Miller" <davem@davemloft.net>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Eric Dumazet <edumazet@google.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
---
 crypto/krb5/rfc3961_simplified.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/krb5/rfc3961_simplified.c b/crypto/krb5/rfc3961_simplified.c
index 79180d28baa9..e49cbdec7c40 100644
--- a/crypto/krb5/rfc3961_simplified.c
+++ b/crypto/krb5/rfc3961_simplified.c
@@ -89,6 +89,7 @@ int crypto_shash_update_sg(struct shash_desc *desc, struct scatterlist *sg,
 
 	sg_miter_start(&miter, sg, sg_nents(sg),
 		       SG_MITER_FROM_SG | SG_MITER_LOCAL);
+	sg_miter_skip(&miter, offset);
 	for (i = 0; i < len; i += n) {
 		sg_miter_next(&miter);
 		n = min(miter.length, len - i);


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset
  2025-04-28 10:22 [PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset David Howells
@ 2025-04-28 11:19 ` Herbert Xu
  2025-04-29 19:10 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 3+ messages in thread
From: Herbert Xu @ 2025-04-28 11:19 UTC (permalink / raw)
  To: David Howells
  Cc: netdev, Marc Dionne, Jakub Kicinski, David S. Miller, Chuck Lever,
	Eric Dumazet, Paolo Abeni, Simon Horman, linux-afs, linux-nfs,
	linux-crypto, linux-kernel

On Mon, Apr 28, 2025 at 11:22:06AM +0100, David Howells wrote:
> [Note: Nothing in linus/master uses the krb5lib, though the bug is there,
>  but it is used by AF_RXRPC's RxGK implementation in net-next, so can it go
>  through the net-next tree rather than directly to Linus or through
>  crypto?]

Sure I'm happy for this to go through net-next.

> The recent patch to make the rfc3961 simplified code use sg_miter rather
> than manually walking the scatterlist to hash the contents of a buffer
> described by that scatterlist failed to take the starting offset into
> account.
> 
> This is indicated by the selftests reporting:
> 
>     krb5: Running aes128-cts-hmac-sha256-128 mic
>     krb5: !!! TESTFAIL crypto/krb5/selftest.c:446
>     krb5: MIC mismatch
> 
> Fix this by calling sg_miter_skip() before doing the loop to advance by the
> offset.
> 
> This only affects packet signing modes and not full encryption in RxGK
> because, for full encryption, the message digest is handled inside the
> authenc and krb5enc drivers.
> 
> Fixes: da6f9bf40ac2 ("crypto: krb5 - Use SG miter instead of doing it by hand")
> Reported-by: Marc Dionne <marc.dionne@auristor.com>
> Signed-off-by: David Howells <dhowells@redhat.com>
> cc: Herbert Xu <herbert@gondor.apana.org.au>
> cc: "David S. Miller" <davem@davemloft.net>
> cc: Chuck Lever <chuck.lever@oracle.com>
> cc: Eric Dumazet <edumazet@google.com>
> cc: Jakub Kicinski <kuba@kernel.org>
> cc: Paolo Abeni <pabeni@redhat.com>
> cc: Simon Horman <horms@kernel.org>
> cc: linux-afs@lists.infradead.org
> cc: linux-nfs@vger.kernel.org
> cc: linux-crypto@vger.kernel.org
> cc: netdev@vger.kernel.org
> ---
>  crypto/krb5/rfc3961_simplified.c |    1 +
>  1 file changed, 1 insertion(+)

Acked-by: Herbert Xu <herbert@gondor.apana.org.au>

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset
  2025-04-28 10:22 [PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset David Howells
  2025-04-28 11:19 ` Herbert Xu
@ 2025-04-29 19:10 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 3+ messages in thread
From: patchwork-bot+netdevbpf @ 2025-04-29 19:10 UTC (permalink / raw)
  To: David Howells
  Cc: netdev, herbert, marc.dionne, kuba, davem, chuck.lever, edumazet,
	pabeni, horms, linux-afs, linux-nfs, linux-crypto, linux-kernel

Hello:

This patch was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Mon, 28 Apr 2025 11:22:06 +0100 you wrote:
> [Note: Nothing in linus/master uses the krb5lib, though the bug is there,
>  but it is used by AF_RXRPC's RxGK implementation in net-next, so can it go
>  through the net-next tree rather than directly to Linus or through
>  crypto?]
> 
> The recent patch to make the rfc3961 simplified code use sg_miter rather
> than manually walking the scatterlist to hash the contents of a buffer
> described by that scatterlist failed to take the starting offset into
> account.
> 
> [...]

Here is the summary with links:
  - [net-next] crypto/krb5: Fix change to use SG miter to use offset
    https://git.kernel.org/netdev/net-next/c/eed848871c96

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-04-29 19:09 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-04-28 10:22 [PATCH net-next] crypto/krb5: Fix change to use SG miter to use offset David Howells
2025-04-28 11:19 ` Herbert Xu
2025-04-29 19:10 ` patchwork-bot+netdevbpf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).