summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChuck Lever <chuck.lever@oracle.com>2023-01-15 12:21:01 -0500
committerChuck Lever <chuck.lever@oracle.com>2023-02-20 09:20:35 -0500
commit9f0b49f933ab1ec5e7140a43eec72b0c5181cabf (patch)
tree5e879ca65898408acee11c6b3903b515a7f144ef
parent7989a4f4ab5437ec82b0b59984594f848f12b36a (diff)
downloadlinux-9f0b49f933ab1ec5e7140a43eec72b0c5181cabf.tar.gz
linux-9f0b49f933ab1ec5e7140a43eec72b0c5181cabf.tar.bz2
linux-9f0b49f933ab1ec5e7140a43eec72b0c5181cabf.zip
SUNRPC: Obscure Kerberos encryption keys
The encryption subkeys are not used after the cipher transforms have been allocated and keyed. There is no need to retain them in struct krb5_ctx. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat
-rw-r--r--include/linux/sunrpc/gss_krb5.h2
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_mech.c43
2 files changed, 26 insertions, 19 deletions
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index 34d54714c6a3..46eaa2ee9c21 100644
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -110,8 +110,6 @@ struct krb5_ctx {
struct xdr_netobj mech_used;
u8 initiator_sign[GSS_KRB5_MAX_KEYLEN];
u8 acceptor_sign[GSS_KRB5_MAX_KEYLEN];
- u8 initiator_seal[GSS_KRB5_MAX_KEYLEN];
- u8 acceptor_seal[GSS_KRB5_MAX_KEYLEN];
u8 initiator_integ[GSS_KRB5_MAX_KEYLEN];
u8 acceptor_integ[GSS_KRB5_MAX_KEYLEN];
};
diff --git a/net/sunrpc/auth_gss/gss_krb5_mech.c b/net/sunrpc/auth_gss/gss_krb5_mech.c
index afa6a692ccdd..8bc24c0684cb 100644
--- a/net/sunrpc/auth_gss/gss_krb5_mech.c
+++ b/net/sunrpc/auth_gss/gss_krb5_mech.c
@@ -350,42 +350,49 @@ out_err:
static int
context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask)
{
- struct xdr_netobj c, keyin, keyout;
u8 cdata[GSS_KRB5_K5CLENGTH];
+ struct xdr_netobj c = {
+ .len = sizeof(cdata),
+ .data = cdata,
+ };
+ struct xdr_netobj keyin = {
+ .len = ctx->gk5e->keylength,
+ .data = ctx->Ksess,
+ };
+ struct xdr_netobj keyout;
+ int ret = -EINVAL;
+ void *subkey;
u32 err;
- c.len = GSS_KRB5_K5CLENGTH;
- c.data = cdata;
-
- keyin.data = ctx->Ksess;
- keyin.len = ctx->gk5e->keylength;
+ subkey = kmalloc(ctx->gk5e->keylength, gfp_mask);
+ if (!subkey)
+ return -ENOMEM;
keyout.len = ctx->gk5e->keylength;
+ keyout.data = subkey;
/* initiator seal encryption */
set_cdata(cdata, KG_USAGE_INITIATOR_SEAL, KEY_USAGE_SEED_ENCRYPTION);
- keyout.data = ctx->initiator_seal;
err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);
if (err) {
dprintk("%s: Error %d deriving initiator_seal key\n",
__func__, err);
- goto out_err;
+ goto out;
}
ctx->initiator_enc = context_v2_alloc_cipher(ctx,
ctx->gk5e->encrypt_name,
- ctx->initiator_seal);
+ subkey);
if (ctx->initiator_enc == NULL)
- goto out_err;
+ goto out;
if (ctx->gk5e->aux_cipher) {
ctx->initiator_enc_aux =
context_v2_alloc_cipher(ctx, ctx->gk5e->aux_cipher,
- ctx->initiator_seal);
+ subkey);
if (ctx->initiator_enc_aux == NULL)
goto out_free;
}
/* acceptor seal encryption */
set_cdata(cdata, KG_USAGE_ACCEPTOR_SEAL, KEY_USAGE_SEED_ENCRYPTION);
- keyout.data = ctx->acceptor_seal;
err = krb5_derive_key(ctx->gk5e, &keyin, &keyout, &c, gfp_mask);
if (err) {
dprintk("%s: Error %d deriving acceptor_seal key\n",
@@ -394,13 +401,13 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask)
}
ctx->acceptor_enc = context_v2_alloc_cipher(ctx,
ctx->gk5e->encrypt_name,
- ctx->acceptor_seal);
+ subkey);
if (ctx->acceptor_enc == NULL)
goto out_free;
if (ctx->gk5e->aux_cipher) {
ctx->acceptor_enc_aux =
context_v2_alloc_cipher(ctx, ctx->gk5e->aux_cipher,
- ctx->acceptor_seal);
+ subkey);
if (ctx->acceptor_enc_aux == NULL)
goto out_free;
}
@@ -445,15 +452,17 @@ context_derive_keys_new(struct krb5_ctx *ctx, gfp_t gfp_mask)
goto out_free;
}
- return 0;
+ ret = 0;
+out:
+ kfree_sensitive(subkey);
+ return ret;
out_free:
crypto_free_sync_skcipher(ctx->acceptor_enc_aux);
crypto_free_sync_skcipher(ctx->acceptor_enc);
crypto_free_sync_skcipher(ctx->initiator_enc_aux);
crypto_free_sync_skcipher(ctx->initiator_enc);
-out_err:
- return -EINVAL;
+ goto out;
}
static int
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-17 17:20:55 +0000