tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Eliminate sparse warning - bad constant expression

Eliminiate sparse warning during usage of crypto_shash_* APIs
error: bad constant expression

Allocate memory for shash descriptors once, so that we do not kmalloc/kfree it
for every signature generation (shash descriptor for md5 hash).

From ed7538619817777decc44b5660b52268077b74f3 Mon Sep 17 00:00:00 2001
From: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Date: Tue, 24 Aug 2010 11:47:43 -0500
Subject: [PATCH] eliminate sparse warnings during crypto_shash_* APis usage

Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>

authored by shirishpargaonkar@gmail.com and committed by Steve French 2d20ca83 24e6cf92

+128 -72
unified split
+121 -72
fs/cifs/cifsencrypt.c
··· 45 45 static int cifs_calculate_signature(const struct smb_hdr *cifs_pdu, 46 46 struct TCP_Server_Info *server, char *signature) 47 47 { 48 - int rc = 0; 49 - struct { 50 - struct shash_desc shash; 51 - char ctx[crypto_shash_descsize(server->ntlmssp.md5)]; 52 - } sdesc; 48 + int rc; 53 49 54 50 if (cifs_pdu == NULL || server == NULL || signature == NULL) 55 51 return -EINVAL; 56 52 57 - sdesc.shash.tfm = server->ntlmssp.md5; 58 - sdesc.shash.flags = 0x0; 53 + if (!server->ntlmssp.sdescmd5) { 54 + cERROR(1, 55 + "cifs_calculate_signature: can't generate signature\n"); 56 + return -1; 57 + } 59 58 60 - rc = crypto_shash_init(&sdesc.shash); 59 + rc = crypto_shash_init(&server->ntlmssp.sdescmd5->shash); 61 60 if (rc) { 62 - cERROR(1, "could not initialize master crypto API hmacmd5\n"); 61 + cERROR(1, "cifs_calculate_signature: oould not init md5\n"); 63 62 return rc; 64 63 } 65 64 66 65 if (server->secType == RawNTLMSSP) 67 - crypto_shash_update(&sdesc.shash, 66 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 68 67 server->session_key.data.ntlmv2.key, 69 68 CIFS_NTLMV2_SESSKEY_SIZE); 70 69 else 71 - crypto_shash_update(&sdesc.shash, 70 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 72 71 (char *)&server->session_key.data, 73 72 server->session_key.len); 74 73 75 - crypto_shash_update(&sdesc.shash, 74 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 76 75 cifs_pdu->Protocol, cifs_pdu->smb_buf_length); 77 76 78 - rc = crypto_shash_final(&sdesc.shash, signature); 77 + rc = crypto_shash_final(&server->ntlmssp.sdescmd5->shash, signature); 79 78 80 - return 0; 79 + return rc; 81 80 } 82 81 83 82 ··· 114 115 struct TCP_Server_Info *server, char *signature) 115 116 { 116 117 int i; 117 - int rc = 0; 118 - struct { 119 - struct shash_desc shash; 120 - char ctx[crypto_shash_descsize(server->ntlmssp.md5)]; 121 - } sdesc; 118 + int rc; 122 119 123 120 if (iov == NULL || server == NULL || signature == NULL) 124 121 return -EINVAL; 125 122 126 - sdesc.shash.tfm = server->ntlmssp.md5; 127 - sdesc.shash.flags = 0x0; 123 + if (!server->ntlmssp.sdescmd5) { 124 + cERROR(1, "cifs_calc_signature2: can't generate signature\n"); 125 + return -1; 126 + } 128 127 129 - rc = crypto_shash_init(&sdesc.shash); 128 + rc = crypto_shash_init(&server->ntlmssp.sdescmd5->shash); 130 129 if (rc) { 131 - cERROR(1, "could not initialize master crypto API hmacmd5\n"); 130 + cERROR(1, "cifs_calc_signature2: oould not init md5\n"); 132 131 return rc; 133 132 } 134 133 135 134 if (server->secType == RawNTLMSSP) 136 - crypto_shash_update(&sdesc.shash, 135 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 137 136 server->session_key.data.ntlmv2.key, 138 137 CIFS_NTLMV2_SESSKEY_SIZE); 139 138 else 140 - crypto_shash_update(&sdesc.shash, 139 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 141 140 (char *)&server->session_key.data, 142 141 server->session_key.len); 143 142 ··· 143 146 if (iov[i].iov_len == 0) 144 147 continue; 145 148 if (iov[i].iov_base == NULL) { 146 - cERROR(1, "null iovec entry"); 149 + cERROR(1, "cifs_calc_signature2: null iovec entry"); 147 150 return -EIO; 148 151 } 149 152 /* The first entry includes a length field (which does not get ··· 151 154 if (i == 0) { 152 155 if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ 153 156 break; /* nothing to sign or corrupt header */ 154 - crypto_shash_update(&sdesc.shash, 157 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 155 158 iov[i].iov_base + 4, iov[i].iov_len - 4); 156 159 } else 157 - crypto_shash_update(&sdesc.shash, 160 + crypto_shash_update(&server->ntlmssp.sdescmd5->shash, 158 161 iov[i].iov_base, iov[i].iov_len); 159 162 } 160 163 161 - rc = crypto_shash_final(&sdesc.shash, signature); 164 + rc = crypto_shash_final(&server->ntlmssp.sdescmd5->shash, signature); 162 165 163 - return 0; 166 + return rc; 164 167 } 165 168 166 169 int cifs_sign_smb2(struct kvec *iov, int n_vec, struct TCP_Server_Info *server, ··· 310 313 wchar_t *user; 311 314 wchar_t *domain; 312 315 wchar_t *server; 313 - struct { 314 - struct shash_desc shash; 315 - char ctx[crypto_shash_descsize(ses->server->ntlmssp.hmacmd5)]; 316 - } sdesc; 316 + 317 + if (!ses->server->ntlmssp.sdeschmacmd5) { 318 + cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n"); 319 + return -1; 320 + } 317 321 318 322 /* calculate md4 hash of password */ 319 323 E_md4hash(ses->password, nt_hash); 320 324 321 - sdesc.shash.tfm = ses->server->ntlmssp.hmacmd5; 322 - sdesc.shash.flags = 0x0; 323 - 324 325 crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, nt_hash, 325 326 CIFS_NTHASH_SIZE); 326 327 327 - rc = crypto_shash_init(&sdesc.shash); 328 + rc = crypto_shash_init(&ses->server->ntlmssp.sdeschmacmd5->shash); 328 329 if (rc) { 329 - cERROR(1, "could not initialize master crypto API hmacmd5\n"); 330 + cERROR(1, "calc_ntlmv2_hash: could not init hmacmd5\n"); 330 331 return rc; 331 332 } 332 333 333 334 /* convert ses->userName to unicode and uppercase */ 334 335 len = strlen(ses->userName); 335 336 user = kmalloc(2 + (len * 2), GFP_KERNEL); 336 - if (user == NULL) 337 + if (user == NULL) { 338 + cERROR(1, "calc_ntlmv2_hash: user mem alloc failure\n"); 339 + rc = -ENOMEM; 337 340 goto calc_exit_2; 341 + } 338 342 len = cifs_strtoUCS((__le16 *)user, ses->userName, len, nls_cp); 339 343 UniStrupr(user); 340 344 341 - crypto_shash_update(&sdesc.shash, (char *)user, 2 * len); 345 + crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, 346 + (char *)user, 2 * len); 342 347 343 348 /* convert ses->domainName to unicode and uppercase */ 344 349 if (ses->domainName) { 345 350 len = strlen(ses->domainName); 346 351 347 352 domain = kmalloc(2 + (len * 2), GFP_KERNEL); 348 - if (domain == NULL) 353 + if (domain == NULL) { 354 + cERROR(1, "calc_ntlmv2_hash: domain mem alloc failure"); 355 + rc = -ENOMEM; 349 356 goto calc_exit_1; 357 + } 350 358 len = cifs_strtoUCS((__le16 *)domain, ses->domainName, len, 351 359 nls_cp); 352 360 /* the following line was removed since it didn't work well ··· 359 357 Maybe converting the domain name earlier makes sense */ 360 358 /* UniStrupr(domain); */ 361 359 362 - crypto_shash_update(&sdesc.shash, (char *)domain, 2 * len); 360 + crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, 361 + (char *)domain, 2 * len); 363 362 364 363 kfree(domain); 365 364 } else if (ses->serverName) { 366 365 len = strlen(ses->serverName); 367 366 368 367 server = kmalloc(2 + (len * 2), GFP_KERNEL); 369 - if (server == NULL) 368 + if (server == NULL) { 369 + cERROR(1, "calc_ntlmv2_hash: server mem alloc failure"); 370 + rc = -ENOMEM; 370 371 goto calc_exit_1; 372 + } 371 373 len = cifs_strtoUCS((__le16 *)server, ses->serverName, len, 372 374 nls_cp); 373 375 /* the following line was removed since it didn't work well ··· 379 373 Maybe converting the domain name earlier makes sense */ 380 374 /* UniStrupr(domain); */ 381 375 382 - crypto_shash_update(&sdesc.shash, (char *)server, 2 * len); 376 + crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, 377 + (char *)server, 2 * len); 383 378 384 379 kfree(server); 385 380 } 381 + 382 + rc = crypto_shash_final(&ses->server->ntlmssp.sdeschmacmd5->shash, 383 + ses->server->ntlmv2_hash); 384 + 386 385 calc_exit_1: 387 386 kfree(user); 388 387 calc_exit_2: 389 388 /* BB FIXME what about bytes 24 through 40 of the signing key? 390 389 compare with the NTLM example */ 391 - rc = crypto_shash_final(&sdesc.shash, ses->server->ntlmv2_hash); 392 390 393 391 return rc; 394 392 } ··· 452 442 char *v2_session_response) 453 443 { 454 444 int rc; 455 - struct { 456 - struct shash_desc shash; 457 - char ctx[crypto_shash_descsize(server->ntlmssp.hmacmd5)]; 458 - } sdesc; 459 445 460 - sdesc.shash.tfm = server->ntlmssp.hmacmd5; 461 - sdesc.shash.flags = 0x0; 446 + if (!server->ntlmssp.sdeschmacmd5) { 447 + cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n"); 448 + return -1; 449 + } 462 450 463 451 crypto_shash_setkey(server->ntlmssp.hmacmd5, server->ntlmv2_hash, 464 452 CIFS_HMAC_MD5_HASH_SIZE); 465 453 466 - rc = crypto_shash_init(&sdesc.shash); 454 + rc = crypto_shash_init(&server->ntlmssp.sdeschmacmd5->shash); 467 455 if (rc) { 468 - cERROR(1, "could not initialize master crypto API hmacmd5\n"); 456 + cERROR(1, "CalcNTLMv2_response: could not init hmacmd5"); 469 457 return rc; 470 458 } 471 459 472 460 memcpy(v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, 473 461 server->cryptKey, CIFS_SERVER_CHALLENGE_SIZE); 474 - crypto_shash_update(&sdesc.shash, 462 + crypto_shash_update(&server->ntlmssp.sdeschmacmd5->shash, 475 463 v2_session_response + CIFS_SERVER_CHALLENGE_SIZE, 476 464 sizeof(struct ntlmv2_resp) - CIFS_SERVER_CHALLENGE_SIZE); 477 465 478 466 if (server->tilen) 479 - crypto_shash_update(&sdesc.shash, 467 + crypto_shash_update(&server->ntlmssp.sdeschmacmd5->shash, 480 468 server->tiblob, server->tilen); 481 469 482 - rc = crypto_shash_final(&sdesc.shash, v2_session_response); 470 + rc = crypto_shash_final(&server->ntlmssp.sdeschmacmd5->shash, 471 + v2_session_response); 483 472 484 473 return rc; 485 474 } ··· 489 480 { 490 481 int rc = 0; 491 482 struct ntlmv2_resp *buf = (struct ntlmv2_resp *)resp_buf; 492 - struct { 493 - struct shash_desc shash; 494 - char ctx[crypto_shash_descsize(ses->server->ntlmssp.hmacmd5)]; 495 - } sdesc; 496 483 497 484 buf->blob_signature = cpu_to_le32(0x00000101); 498 485 buf->reserved = 0; ··· 516 511 return rc; 517 512 } 518 513 514 + if (!ses->server->ntlmssp.sdeschmacmd5) { 515 + cERROR(1, "calc_ntlmv2_hash: can't generate ntlmv2 hash\n"); 516 + return -1; 517 + } 518 + 519 519 crypto_shash_setkey(ses->server->ntlmssp.hmacmd5, 520 520 ses->server->ntlmv2_hash, CIFS_HMAC_MD5_HASH_SIZE); 521 521 522 - sdesc.shash.tfm = ses->server->ntlmssp.hmacmd5; 523 - sdesc.shash.flags = 0x0; 524 - 525 - rc = crypto_shash_init(&sdesc.shash); 522 + rc = crypto_shash_init(&ses->server->ntlmssp.sdeschmacmd5->shash); 526 523 if (rc) { 527 - cERROR(1, "could not initialize master crypto API hmacmd5\n"); 524 + cERROR(1, "setup_ntlmv2_rsp: could not init hmacmd5\n"); 528 525 return rc; 529 526 } 530 527 531 - crypto_shash_update(&sdesc.shash, resp_buf, CIFS_HMAC_MD5_HASH_SIZE); 528 + crypto_shash_update(&ses->server->ntlmssp.sdeschmacmd5->shash, 529 + resp_buf, CIFS_HMAC_MD5_HASH_SIZE); 532 530 533 - rc = crypto_shash_final(&sdesc.shash, 531 + rc = crypto_shash_final(&ses->server->ntlmssp.sdeschmacmd5->shash, 534 532 ses->server->session_key.data.ntlmv2.key); 535 533 536 534 memcpy(&ses->server->session_key.data.ntlmv2.resp, resp_buf, ··· 586 578 587 579 if (server->ntlmssp.hmacmd5) 588 580 crypto_free_shash(server->ntlmssp.hmacmd5); 581 + 582 + kfree(server->ntlmssp.sdeschmacmd5); 583 + 584 + kfree(server->ntlmssp.sdescmd5); 589 585 } 590 586 591 587 int 592 588 cifs_crypto_shash_allocate(struct TCP_Server_Info *server) 593 589 { 590 + int rc; 591 + unsigned int size; 592 + 594 593 server->ntlmssp.hmacmd5 = crypto_alloc_shash("hmac(md5)", 0, 0); 595 594 if (!server->ntlmssp.hmacmd5 || 596 595 IS_ERR(server->ntlmssp.hmacmd5)) { 597 - cERROR(1, "could not allocate master crypto API hmacmd5\n"); 596 + cERROR(1, "could not allocate crypto hmacmd5\n"); 598 597 return 1; 599 598 } 600 599 601 600 server->ntlmssp.md5 = crypto_alloc_shash("md5", 0, 0); 602 601 if (!server->ntlmssp.md5 || IS_ERR(server->ntlmssp.md5)) { 603 - crypto_free_shash(server->ntlmssp.hmacmd5); 604 - cERROR(1, "could not allocate master crypto API md5\n"); 605 - return 1; 602 + cERROR(1, "could not allocate crypto md5\n"); 603 + rc = 1; 604 + goto cifs_crypto_shash_allocate_ret1; 606 605 } 607 606 607 + size = sizeof(struct shash_desc) + 608 + crypto_shash_descsize(server->ntlmssp.hmacmd5); 609 + server->ntlmssp.sdeschmacmd5 = kmalloc(size, GFP_KERNEL); 610 + if (!server->ntlmssp.sdeschmacmd5) { 611 + cERROR(1, "cifs_crypto_shash_allocate: can't alloc hmacmd5\n"); 612 + rc = -ENOMEM; 613 + goto cifs_crypto_shash_allocate_ret2; 614 + } 615 + server->ntlmssp.sdeschmacmd5->shash.tfm = server->ntlmssp.hmacmd5; 616 + server->ntlmssp.sdeschmacmd5->shash.flags = 0x0; 617 + 618 + 619 + size = sizeof(struct shash_desc) + 620 + crypto_shash_descsize(server->ntlmssp.md5); 621 + server->ntlmssp.sdescmd5 = kmalloc(size, GFP_KERNEL); 622 + if (!server->ntlmssp.sdescmd5) { 623 + cERROR(1, "cifs_crypto_shash_allocate: can't alloc md5\n"); 624 + rc = -ENOMEM; 625 + goto cifs_crypto_shash_allocate_ret3; 626 + } 627 + server->ntlmssp.sdescmd5->shash.tfm = server->ntlmssp.md5; 628 + server->ntlmssp.sdescmd5->shash.flags = 0x0; 629 + 608 630 return 0; 631 + 632 + cifs_crypto_shash_allocate_ret3: 633 + kfree(server->ntlmssp.sdeschmacmd5); 634 + 635 + cifs_crypto_shash_allocate_ret2: 636 + crypto_free_shash(server->ntlmssp.md5); 637 + 638 + cifs_crypto_shash_allocate_ret1: 639 + crypto_free_shash(server->ntlmssp.hmacmd5); 640 + 641 + return rc; 609 642 }
+7
fs/cifs/cifsglob.h
··· 123 123 struct cifs_ace *aces; 124 124 }; 125 125 126 + struct sdesc { 127 + struct shash_desc shash; 128 + char ctx[]; 129 + }; 130 + 126 131 struct ntlmssp_auth { 127 132 __u32 client_flags; 128 133 __u32 server_flags; 129 134 unsigned char ciphertext[CIFS_CPHTXT_SIZE]; 130 135 struct crypto_shash *hmacmd5; 131 136 struct crypto_shash *md5; 137 + struct sdesc *sdeschmacmd5; 138 + struct sdesc *sdescmd5; 132 139 }; 133 140 134 141 /*