From 5378683bcdd113b35137d49c89b8dff50c3d652c Mon Sep 17 00:00:00 2001
From: Miaoqian Lin <linmq006@gmail.com>
Date: Thu, 24 Apr 2025 14:47:41 +0800
Subject: [PATCH] ksmbd: use aead_request_free to match aead_request_alloc

mainline inclusion
from mainline-v6.15-rc1
commit 6171063e9d046ffa46f51579b2ca4a43caef581a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IC2CBV
CVE: CVE-2025-38575

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6171063e9d046ffa46f51579b2ca4a43caef581a

--------------------------------

Use aead_request_free() instead of kfree() to properly free memory
allocated by aead_request_alloc(). This ensures sensitive crypto data
is zeroed before being freed.

Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Signed-off-by: Miaoqian Lin <linmq006@gmail.com>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Wang Zhaolong <wangzhaolong1@huawei.com>
---
 fs/smb/server/auth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/smb/server/auth.c b/fs/smb/server/auth.c
index 58380a986af5..c3baf6537fad 100644
--- a/fs/smb/server/auth.c
+++ b/fs/smb/server/auth.c
@@ -1213,7 +1213,7 @@ int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov,
 free_sg:
 	kfree(sg);
 free_req:
-	kfree(req);
+	aead_request_free(req);
 free_ctx:
 	ksmbd_release_crypto_ctx(ctx);
 	return rc;
-- 
Gitee