From: Kees Cook <keescook@chromium.org>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Kees Cook <keescook@chromium.org>,
"David S. Miller" <davem@davemloft.net>,
linux-crypto@vger.kernel.org,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
Arnd Bergmann <arnd@arndb.de>, Eric Biggers <ebiggers@google.com>,
Alasdair Kergon <agk@redhat.com>,
Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
Lars Persson <larper@axis.com>, Mike Snitzer <snitzer@redhat.com>,
Rabin Vincent <rabinv@axis.com>,
Tim Chen <tim.c.chen@linux.intel.com>,
qat-linux@intel.com, dm-devel@redhat.com,
linux-kernel@vger.kernel.org
Subject: [PATCH v2 01/11] crypto: xcbc: Remove VLA usage
Date: Mon, 25 Jun 2018 14:10:16 -0700 [thread overview]
Message-ID: <20180625211026.15819-2-keescook@chromium.org> (raw)
In-Reply-To: <20180625211026.15819-1-keescook@chromium.org>
In the quest to remove all stack VLA usage from the kernel[1], this uses
the maximum blocksize and adds a sanity check. For xcbc, the blocksize
must always be 16, so use that, since it's already being enforced during
instantiation.
[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
crypto/xcbc.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/crypto/xcbc.c b/crypto/xcbc.c
index 25c75af50d3f..7aa03beed795 100644
--- a/crypto/xcbc.c
+++ b/crypto/xcbc.c
@@ -57,6 +57,8 @@ struct xcbc_desc_ctx {
u8 ctx[];
};
+#define XCBC_BLOCKSIZE 16
+
static int crypto_xcbc_digest_setkey(struct crypto_shash *parent,
const u8 *inkey, unsigned int keylen)
{
@@ -65,7 +67,10 @@ static int crypto_xcbc_digest_setkey(struct crypto_shash *parent,
int bs = crypto_shash_blocksize(parent);
u8 *consts = PTR_ALIGN(&ctx->ctx[0], alignmask + 1);
int err = 0;
- u8 key1[bs];
+ u8 key1[XCBC_BLOCKSIZE];
+
+ if (WARN_ON(bs > sizeof(key1)))
+ return -EINVAL;
if ((err = crypto_cipher_setkey(ctx->child, inkey, keylen)))
return err;
@@ -212,7 +217,7 @@ static int xcbc_create(struct crypto_template *tmpl, struct rtattr **tb)
return PTR_ERR(alg);
switch(alg->cra_blocksize) {
- case 16:
+ case XCBC_BLOCKSIZE:
break;
default:
goto out_put_alg;
--
2.17.1
next prev parent reply other threads:[~2018-06-25 21:10 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-25 21:10 [PATCH v2 00/11] crypto: Remove VLA usage Kees Cook
2018-06-25 21:10 ` Kees Cook [this message]
2018-06-25 21:23 ` [PATCH v2 01/11] crypto: xcbc: " Joe Perches
2018-06-25 21:32 ` Kees Cook
2018-06-25 21:38 ` Joe Perches
2018-06-25 23:06 ` Kees Cook
2018-06-26 0:54 ` Gustavo A. R. Silva
2018-06-26 16:50 ` Kees Cook
2018-06-26 17:05 ` Gustavo A. R. Silva
2018-06-25 21:10 ` [PATCH v2 02/11] crypto: cbc: " Kees Cook
2018-06-25 21:10 ` [PATCH v2 03/11] crypto: shash: " Kees Cook
2018-06-25 21:10 ` [PATCH v2 04/11] dm integrity: " Kees Cook
2018-06-25 21:10 ` [PATCH v2 05/11] crypto: ahash: " Kees Cook
2018-06-25 21:10 ` [PATCH v2 06/11] dm verity fec: " Kees Cook
2018-06-25 21:10 ` [PATCH v2 07/11] crypto alg: Introduce generic max blocksize and alignmask Kees Cook
2018-06-25 21:10 ` [PATCH v2 08/11] crypto: qat: Remove VLA usage Kees Cook
2018-06-25 21:10 ` [PATCH v2 09/11] crypto: shash: Remove VLA usage in unaligned hashing Kees Cook
2018-06-25 21:10 ` [PATCH v2 10/11] crypto: ahash: Remove VLA usage for AHASH_REQUEST_ON_STACK Kees Cook
2018-06-25 22:56 ` [dm-devel] " Eric Biggers
2018-06-25 23:13 ` Kees Cook
2018-06-26 9:19 ` Herbert Xu
2018-06-26 17:02 ` Kees Cook
2018-06-27 14:34 ` Herbert Xu
2018-06-27 18:12 ` Kees Cook
2018-06-25 21:10 ` [PATCH v2 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK Kees Cook
2018-06-26 9:20 ` Herbert Xu
2018-06-26 16:45 ` Kees Cook
2018-06-27 14:36 ` Herbert Xu
2018-06-27 18:31 ` Kees Cook
2018-06-27 22:27 ` Herbert Xu
2018-06-28 0:10 ` Kees Cook
2018-07-01 6:24 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180625211026.15819-2-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=agk@redhat.com \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=dm-devel@redhat.com \
--cc=ebiggers@google.com \
--cc=giovanni.cabiddu@intel.com \
--cc=gustavo@embeddedor.com \
--cc=herbert@gondor.apana.org.au \
--cc=larper@axis.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=qat-linux@intel.com \
--cc=rabinv@axis.com \
--cc=snitzer@redhat.com \
--cc=tim.c.chen@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).