Commit 2b2f7548 authored by Steve French's avatar Steve French
Browse files

SMB3.1.1: Add GCM crypto to the encrypt and decrypt functions 



SMB3.1.1 GCM performs much better than the older CCM default:
more than twice as fast in the write patch (copy to the Samba
server on localhost for example) and 80% faster on the read
patch (copy from the server).

Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
Reviewed-by: default avatarRonnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: default avatarPavel Shilovsky <pshilov@microsoft.com>
parent 9ac63ec7

fs/cifs/smb2ops.c

+13 −5
Original line number Diff line number Diff line
@@ -3367,7 +3367,7 @@ smb2_dir_needs_close(struct cifsFileInfo *cfile) 


static void

fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,

		   struct smb_rqst *old_rq)

		   struct smb_rqst *old_rq, __le16 cipher_type)

{

	struct smb2_sync_hdr *shdr =

			(struct smb2_sync_hdr *)old_rq->rq_iov[0].iov_base;
@@ -3376,6 +3376,9 @@ fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len, 
	tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;

	tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);

	tr_hdr->Flags = cpu_to_le16(0x01);

	if (cipher_type == SMB2_ENCRYPTION_AES128_GCM)

		get_random_bytes(&tr_hdr->Nonce, SMB3_AES128GCM_NONCE);

	else

		get_random_bytes(&tr_hdr->Nonce, SMB3_AES128CCM_NONCE);

	memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);

}
@@ -3534,8 +3537,13 @@ crypt_message(struct TCP_Server_Info *server, int num_rqst, 
		rc = -ENOMEM;

		goto free_sg;

	}



	if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)

		memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES128GCM_NONCE);

	else {

		iv[0] = 3;

		memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES128CCM_NONCE);

	}



	aead_request_set_crypt(req, sg, sg, crypt_len, iv);

	aead_request_set_ad(req, assoc_data_len);
@@ -3635,7 +3643,7 @@ smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst, 
	}



	/* fill the 1st iov with a transform header */

	fill_transform_hdr(tr_hdr, orig_len, old_rq);

	fill_transform_hdr(tr_hdr, orig_len, old_rq, server->cipher_type);



	rc = crypt_message(server, num_rqst, new_rq, 1);

	cifs_dbg(FYI, "Encrypt message returned %d\n", rc);

fs/cifs/smb2transport.c

+8 −2
Original line number Diff line number Diff line
@@ -734,6 +734,9 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server) 
	struct crypto_aead *tfm;



	if (!server->secmech.ccmaesencrypt) {

		if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)

			tfm = crypto_alloc_aead("gcm(aes)", 0, 0);

		else

			tfm = crypto_alloc_aead("ccm(aes)", 0, 0);

		if (IS_ERR(tfm)) {

			cifs_dbg(VFS, "%s: Failed to alloc encrypt aead\n",
@@ -744,6 +747,9 @@ smb3_crypto_aead_allocate(struct TCP_Server_Info *server) 
	}



	if (!server->secmech.ccmaesdecrypt) {

		if (server->cipher_type == SMB2_ENCRYPTION_AES128_GCM)

			tfm = crypto_alloc_aead("gcm(aes)", 0, 0);

		else

			tfm = crypto_alloc_aead("ccm(aes)", 0, 0);

		if (IS_ERR(tfm)) {

			crypto_free_aead(server->secmech.ccmaesencrypt);

CRA Git | Maintained and supported by SUSTech CRA and CCSE