Received: by 2002:a05:6a10:8a4d:0:0:0:0 with SMTP id dn13csp416735pxb;
        Thu, 12 Aug 2021 20:35:00 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwxHTAvA0YmM8leIC4KS1CAnre/qCoiAHxNt0OLAQkML+vmqSTmcNT0bPw+/oUaP7totqGg
X-Received: by 2002:a02:cb45:: with SMTP id k5mr221869jap.112.1628825700655;
        Thu, 12 Aug 2021 20:35:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1628825700; cv=none;
        d=google.com; s=arc-20160816;
        b=wORB7PWzJNO757oaWU3ZSn3WZD3ORxlB3i2QVzfUgRQy7DEyFATghpx3maB8nAXinK
         0TPwUdNbVSSuLZ7YvJRT6jrm1/DpTWMxJPz75HVZjQ7onTOZxG0iINTsk/Fn9yvBmZCK
         xoWbDfv9tySxtUH+FZwD30XLZMcoOTRDU7OJGglEiTQ9CJj5pD3o/6U40ia/3R/xeRk3
         K5XPeMzYUEQeQ/8rT5mYs6I65LWTFrg5ASBHaJL+/U3APOIKIKkN4/zr/7N3JnX8e3Bk
         U0hpoflQ+AlUHBZV1Ko8qFi2NHia+79hJhbhPRE466G2hIp9vXyfuLYm6NbKcVRXS2by
         AcwA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-disposition:mime-version:message-id
         :subject:cc:to:from:date:dkim-signature;
        bh=jJ3CMpYcKY0RpG0pfGoKts0QK+hx3LT1VEVudKX1NOU=;
        b=KJnrwVSXiBMTLR2FWkHKcPXakMDSqmQjleZ5A7b2ACWyRaH7DfghF3oPLnf1T2fv+k
         Es7Jc1DTWgwzWnQxxP8oUt3JjqXO1nRixabMGVaFQA3vj/4ATg+KeNyTtCAGKAUDKGmV
         IMyqMrYFsD9yThH+pn9zAbnnd07hYk/BnaA0CzSGbhPfOIXKFDAbDa3wF+fRfLnCj14G
         jxiecvOI9IppSgSnIAJlSEPfVboXb7rZQRsqzpLzf9LkC4CD/8fPtuzupgUFXlkFYj22
         h019jCTa29uBS8XL9U9M5Nlw3DexJ/xheBD5HNEm2ntDT+DzPWTnI7RT0UMbK97i1GGu
         N5IA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BzPhJ7Jr;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id n3si149106ioh.98.2021.08.12.20.34.40;
        Thu, 12 Aug 2021 20:35:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=BzPhJ7Jr;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236862AbhHMDYM (ORCPT <rfc822;will.sands.v@gmail.com>
        + 99 others); Thu, 12 Aug 2021 23:24:12 -0400
Received: from mail.kernel.org ([198.145.29.99]:56658 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S234337AbhHMDYM (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Thu, 12 Aug 2021 23:24:12 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 9B7E760FBF;
        Fri, 13 Aug 2021 03:23:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1628825025;
        bh=AwT0XFgBaJlBrijTTYjpKGhqHHFKKuByMomK7FOOMo4=;
        h=Date:From:To:Cc:Subject:From;
        b=BzPhJ7JrzY9EjJkAl2szj9CnaReu9rn9+wXPHRJFL63bVlx9IFPcrWT8ZzL4ZgtUv
         yayNE4wbzaAoEMQZduYp7VAJJV5A8Q2u74qHtRhto3/UgqQucd6/RNIADjZSmU6vsN
         +ArrYYUqHOoSh9c4VsFNgCNbwyCH8+jOmuQoOYH1YXjKUytv1zPtxcjUyEhyhwgq1F
         rt/mhV6fiRDv3BTPHsTFoOJHcFpvGAH3B7caA0JGWI2yY6u03PWBh34D4rGtiiSeOz
         MeWprl6sLTbwfDoijxEjhQSAcnGHQcSZd1vd90Y3LJvmaRtmFlkxjLte0Aj0LwXps8
         im6ql+iUyVtGw==
Date:   Thu, 12 Aug 2021 20:23:44 -0700
From:   Eric Biggers <ebiggers@kernel.org>
To:     linux-cifs@vger.kernel.org, Steve French <sfrench@samba.org>
Cc:     samba-technical@lists.samba.org, linux-crypto@vger.kernel.org
Subject: Building cifs.ko without any support for insecure crypto?
Message-ID: <YRXlwDBfQql36wJx@sol.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Hi!

We should be working to eliminate any uses of insecure crypto algorithms (e.g.
DES, ARC4, MD4, MD5) from the kernel.  In particular, it should be possible to
build a kernel for a modern system without including any such algorithms.

Currently, CONFIG_CIFS is problematic because it selects all these algorithms
(kconfig options: CONFIG_CRYPTO_LIB_DES, CONFIG_CRYPTO_LIB_ARC4,
CONFIG_CRYPTO_MD4, CONFIG_CRYPTO_MD5).

It looks like these algorithms might only be used by SMB2.0 and earlier, and the
more modern SMB versions don't use them.  Is that the case?  It mostly looks
like that, but there's one case I'm not sure about -- there's a call chain which
appears to use ARC4 and HMAC-MD5 even with the most recent SMB version:

    smb311_operations.sess_setup()
      SMB2_sess_setup()
        SMB2_sess_auth_rawntlmssp_authenticate()
          build_ntlmssp_auth_blob()
            setup_ntlmv2_rsp()

Also, there's already an option CONFIG_CIFS_ALLOW_INSECURE_LEGACY=n which
disables support for SMB2.0 and earlier.  However, it doesn't actually compile
out the code but rather just prevents it from being used.  That means that the
DES and ARC4 library interfaces are still depended on at link time, so they
can't be omitted.  Have there been any considerations towards making
CONFIG_CIFS_ALLOW_INSECURE_LEGACY=n compile out the code for SMB2.0 and earlier?

- Eric