Commit c7aac00c authored by Eric Biggers's avatar Eric Biggers Committed by Ilya Dryomov
Browse files

libceph: Remove obsolete session key alignment logic 



Since the call to crypto_shash_setkey() was replaced with
hmac_sha256_preparekey() which doesn't allocate memory regardless of the
alignment of the input key, remove the session key alignment logic from
process_auth_done().  Also remove the inclusion of crypto/hash.h, which
is no longer needed since crypto_shash is no longer used.

[ idryomov: rewrap comment ]

Signed-off-by: default avatarEric Biggers <ebiggers@kernel.org>
Reviewed-by: default avatarIlya Dryomov <idryomov@gmail.com>
Signed-off-by: default avatarIlya Dryomov <idryomov@gmail.com>
parent a0d9555b

net/ceph/messenger_v2.c

+5 −8
Original line number Diff line number Diff line
@@ -8,7 +8,6 @@ 
#include <linux/ceph/ceph_debug.h>



#include <crypto/aead.h>

#include <crypto/hash.h>

#include <crypto/sha2.h>

#include <crypto/utils.h>

#include <linux/bvec.h>
@@ -2352,16 +2351,14 @@ static int process_auth_reply_more(struct ceph_connection *con, 
}



/*

 * Align session_key and con_secret to avoid GFP_ATOMIC allocation

 * inside crypto_shash_setkey() and crypto_aead_setkey() called from

 * setup_crypto().  __aligned(16) isn't guaranteed to work for stack

 * objects, so do it by hand.

 * Align con_secret to avoid GFP_ATOMIC allocation inside

 * crypto_aead_setkey() called from setup_crypto().  __aligned(16)

 * isn't guaranteed to work for stack objects, so do it by hand.

 */

static int process_auth_done(struct ceph_connection *con, void *p, void *end)

{

	u8 session_key_buf[CEPH_MAX_KEY_LEN + 16];

	u8 session_key[CEPH_MAX_KEY_LEN];

	u8 con_secret_buf[CEPH_MAX_CON_SECRET_LEN + 16];

	u8 *session_key = PTR_ALIGN(&session_key_buf[0], 16);

	u8 *con_secret = PTR_ALIGN(&con_secret_buf[0], 16);

	int session_key_len, con_secret_len;

	int payload_len;
@@ -2415,7 +2412,7 @@ static int process_auth_done(struct ceph_connection *con, void *p, void *end) 
	con->state = CEPH_CON_S_V2_AUTH_SIGNATURE;



out:

	memzero_explicit(session_key_buf, sizeof(session_key_buf));

	memzero_explicit(session_key, sizeof(session_key));

	memzero_explicit(con_secret_buf, sizeof(con_secret_buf));

	return ret;