From: Arnd Bergmann <arnd@arndb.de>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Kees Cook <keescook@chromium.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
Eric Biggers <ebiggers@google.com>,
Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
Tudor Ambarus <tudor.ambarus@microchip.com>,
Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Will Deacon <will.deacon@arm.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
David Woodhouse <dwmw@amazon.co.uk>,
Matthew Wilcox <willy@infradead.org>,
David Miller <davem@davemloft.net>,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
dm-devel@redhat.com, qat-linux@i
Subject: Re: [PATCH v8 7/9] crypto: qat: Remove VLA usage
Date: Wed, 26 Sep 2018 10:53:42 +0200 [thread overview]
Message-ID: <CAK8P3a3=_uQihMw0GwEbvDnbvrxzq-em6rccW-so+qmkXk8btQ@mail.gmail.com> (raw)
In-Reply-To: <CAKv+Gu-dGbWsQu0NgOWVFy7Sca3yBD0pLzEMwmkG3mg9LFPpkA@mail.gmail.com>
On Wed, Sep 26, 2018 at 10:44 AM Ard Biesheuvel
<ard.biesheuvel@linaro.org> wrote:
>
> On Tue, 25 Sep 2018 at 18:12, Arnd Bergmann <arnd@arndb.de> wrote:
> >
> > On Tue, Aug 7, 2018 at 11:18 PM Kees Cook <keescook@chromium.org> wrote:
> > >
> > > In the quest to remove all stack VLA usage from the kernel[1], this uses
> > > the new upper bound for the stack buffer. Also adds a sanity check.
> > >
> > > [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
> > >
> > > Signed-off-by: Kees Cook <keescook@chromium.org>
> >
> > After rebasing to linux-next, I now get a warning about this file:
> >
> > drivers/crypto/qat/qat_common/qat_algs.c: In function 'qat_alg_do_precomputes':
> > drivers/crypto/qat/qat_common/qat_algs.c:257:1: error: the frame size
> > of 1112 bytes is larger than 1024 bytes [-Werror=frame-larger-than=]
> >
> > I assume it was already possible to get into that state with the VLA,
> > but it seems bad enough that I think we need to do something
> > about it.
> >
> > The large stack variables add up to 1084 bytes, which fully explains
> > how we got here:
> >
> > SHASH_DESC_ON_STACK(shash, ctx->hash_tfm); /* 360 */
> > struct sha1_state sha1; /* 92 */
> > struct sha256_state sha256; /* 104 */
> > struct sha512_state sha512; /* 208 */
> > char ipad[MAX_ALGAPI_BLOCKSIZE]; /* 160 */
> > char opad[MAX_ALGAPI_BLOCKSIZE]; /* 160 */
> >
> > The question is what we can do about it. One simple step I've tried
> > is to move the sha1/sha256/sha512 into a union, which saves around
> > 200 bytes and should bring us (slightly) below the warning
> > limit, but I suspect we can do better than that. Any ideas?
> >
>
> All the processing takes place in the context of a setkey() operation,
> which means only one such operation should be in flight per tfm at any
> given time. So we could move all these pieces into the tfm context
> struct instead. Something like the below [untested] (whitespace
> mangling courtesy of Gmail)
Ah, right, this is what I was hoping for. I assume we already guarantee
that this context is never put on the stack somewhere else, right?
Arnd
WARNING: multiple messages have this Message-ID (diff)
From: Arnd Bergmann <arnd@arndb.de>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Kees Cook <keescook@chromium.org>,
Herbert Xu <herbert@gondor.apana.org.au>,
Eric Biggers <ebiggers@google.com>,
Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
Tudor Ambarus <tudor.ambarus@microchip.com>,
Andrew Morton <akpm@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Will Deacon <will.deacon@arm.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
David Woodhouse <dwmw@amazon.co.uk>,
Matthew Wilcox <willy@infradead.org>,
David Miller <davem@davemloft.net>,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
dm-devel@redhat.com, qat-linux@intel.com,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v8 7/9] crypto: qat: Remove VLA usage
Date: Wed, 26 Sep 2018 10:53:42 +0200 [thread overview]
Message-ID: <CAK8P3a3=_uQihMw0GwEbvDnbvrxzq-em6rccW-so+qmkXk8btQ@mail.gmail.com> (raw)
In-Reply-To: <CAKv+Gu-dGbWsQu0NgOWVFy7Sca3yBD0pLzEMwmkG3mg9LFPpkA@mail.gmail.com>
On Wed, Sep 26, 2018 at 10:44 AM Ard Biesheuvel
<ard.biesheuvel@linaro.org> wrote:
>
> On Tue, 25 Sep 2018 at 18:12, Arnd Bergmann <arnd@arndb.de> wrote:
> >
> > On Tue, Aug 7, 2018 at 11:18 PM Kees Cook <keescook@chromium.org> wrote:
> > >
> > > In the quest to remove all stack VLA usage from the kernel[1], this uses
> > > the new upper bound for the stack buffer. Also adds a sanity check.
> > >
> > > [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
> > >
> > > Signed-off-by: Kees Cook <keescook@chromium.org>
> >
> > After rebasing to linux-next, I now get a warning about this file:
> >
> > drivers/crypto/qat/qat_common/qat_algs.c: In function 'qat_alg_do_precomputes':
> > drivers/crypto/qat/qat_common/qat_algs.c:257:1: error: the frame size
> > of 1112 bytes is larger than 1024 bytes [-Werror=frame-larger-than=]
> >
> > I assume it was already possible to get into that state with the VLA,
> > but it seems bad enough that I think we need to do something
> > about it.
> >
> > The large stack variables add up to 1084 bytes, which fully explains
> > how we got here:
> >
> > SHASH_DESC_ON_STACK(shash, ctx->hash_tfm); /* 360 */
> > struct sha1_state sha1; /* 92 */
> > struct sha256_state sha256; /* 104 */
> > struct sha512_state sha512; /* 208 */
> > char ipad[MAX_ALGAPI_BLOCKSIZE]; /* 160 */
> > char opad[MAX_ALGAPI_BLOCKSIZE]; /* 160 */
> >
> > The question is what we can do about it. One simple step I've tried
> > is to move the sha1/sha256/sha512 into a union, which saves around
> > 200 bytes and should bring us (slightly) below the warning
> > limit, but I suspect we can do better than that. Any ideas?
> >
>
> All the processing takes place in the context of a setkey() operation,
> which means only one such operation should be in flight per tfm at any
> given time. So we could move all these pieces into the tfm context
> struct instead. Something like the below [untested] (whitespace
> mangling courtesy of Gmail)
Ah, right, this is what I was hoping for. I assume we already guarantee
that this context is never put on the stack somewhere else, right?
Arnd
next prev parent reply other threads:[~2018-09-26 8:53 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-07 21:18 [PATCH v8 0/9] crypto: Remove VLA usage Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 1/9] crypto: xcbc: " Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 2/9] crypto: cbc: " Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 3/9] crypto: ccm: " Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 4/9] crypto: hash: " Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 5/9] dm: Remove VLA usage from hashes Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-09-04 3:13 ` Herbert Xu
2018-09-13 16:41 ` Kees Cook
2018-09-13 16:41 ` Kees Cook
2018-09-13 17:54 ` Mike Snitzer
2018-09-14 6:10 ` Herbert Xu
2018-08-07 21:18 ` [PATCH v8 6/9] crypto alg: Introduce generic max blocksize and alignmask Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 7/9] crypto: qat: Remove VLA usage Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-09-25 16:12 ` Arnd Bergmann
2018-09-25 16:12 ` Arnd Bergmann
2018-09-26 8:44 ` Ard Biesheuvel
2018-09-26 8:44 ` Ard Biesheuvel
2018-09-26 8:44 ` Ard Biesheuvel
2018-09-26 8:53 ` Arnd Bergmann [this message]
2018-09-26 8:53 ` Arnd Bergmann
2018-09-26 8:55 ` Ard Biesheuvel
2018-09-26 8:55 ` Ard Biesheuvel
2018-09-26 8:55 ` Ard Biesheuvel
2018-08-07 21:18 ` [PATCH v8 8/9] crypto: shash: Remove VLA usage in unaligned hashing Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` [PATCH v8 9/9] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-08-07 21:18 ` Kees Cook
2018-09-04 3:15 ` Herbert Xu
2018-09-04 5:19 ` [PATCH v8 0/9] crypto: Remove VLA usage Herbert Xu
2018-09-04 5:50 ` Kees Cook
2018-09-04 5:50 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAK8P3a3=_uQihMw0GwEbvDnbvrxzq-em6rccW-so+qmkXk8btQ@mail.gmail.com' \
--to=arnd@arndb.de \
--cc=agk@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=davem@davemloft.net \
--cc=dm-devel@redhat.com \
--cc=dwmw@amazon.co.uk \
--cc=ebiggers@google.com \
--cc=geert@linux-m68k.org \
--cc=giovanni.cabiddu@intel.com \
--cc=gustavo@embeddedor.com \
--cc=herbert@gondor.apana.org.au \
--cc=keescook@chromium.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=qat-linux@i \
--cc=snitzer@redhat.com \
--cc=tglx@linutronix.de \
--cc=tudor.ambarus@microchip.com \
--cc=will.deacon@arm.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.