From: Kees Cook <keescook@chromium.org>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
Eric Biggers <ebiggers@google.com>,
Alasdair Kergon <agk@redhat.com>,
Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
Lars Persson <larper@axis.com>, Mike Snitzer <snitzer@redhat.com>,
Rabin Vincent <rabinv@axis.com>,
Tim Chen <tim.c.chen@linux.intel.com>,
"David S. Miller" <davem@davemloft.net>,
Masahiro Yamada <yamada.masahiro@socionext.com>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
qat-linux@intel.com, dm-devel@redhat.com,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
David Howells <dhowells@redhat.com>
Subject: Re: [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK
Date: Thu, 12 Jul 2018 13:30:33 -0700 [thread overview]
Message-ID: <CAGXu5jK7iRv1HE7JgW95vTgg5vhye4dxjfoQyN3G7HZzp7nZhA@mail.gmail.com> (raw)
In-Reply-To: <CAGXu5jLUME9cjntUUed9EYukzEaODDzqRmtGht=uu7YVAG2WWg@mail.gmail.com>
On Thu, Jul 12, 2018 at 1:23 PM, Kees Cook <keescook@chromium.org> wrote:
> On Thu, Jul 12, 2018 at 8:11 AM, Arnd Bergmann <arnd@arndb.de> wrote:
>> On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook <keescook@chromium.org> wrote:
>>> Two uses of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings
>>> (when less than 2048) once the VLA is no longer hidden from the check:
>>>
>>> net/rxrpc/rxkad.c:398:1: warning: the frame size of 1152 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>>> net/rxrpc/rxkad.c:242:1: warning: the frame size of 1152 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>>>
>>> This bumps the affected objects by 20% to silence the warnings while
>>> still providing coverage is anything grows even more.
>>>
>>> Signed-off-by: Kees Cook <keescook@chromium.org>
>>
>> (adding David Howells to cc)
>>
>> I don't think these are in a fast path, it should be possible to just use
>> skcipher_alloc_req() instead of SKCIPHER_REQUEST_ON_STACK() here.
>> From what I can tell, neither of the two are called in atomic context, so
>> you should be able to use a GFP_KERNEL allocation.
>
> Sure, I can do that instead.
Actually, I think this can actually be adjusted to just re-use the
stack allocation, since rxkad_verify_packet() finishes one before
doing another in rxkad_verify_packet_1():
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index 278ac0807a60..d6a2e7cab384 100644
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -316,10 +316,10 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
*/
static int rxkad_verify_packet_1(struct rxrpc_call *call, struct sk_buff *skb,
unsigned int offset, unsigned int len,
- rxrpc_seq_t seq)
+ rxrpc_seq_t seq,
+ struct skcipher_request *req)
{
struct rxkad_level1_hdr sechdr;
- SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher);
struct rxrpc_crypt iv;
struct scatterlist sg[16];
struct sk_buff *trailer;
@@ -549,7 +549,7 @@ static int rxkad_verify_packet(struct rxrpc_call
*call, struct sk_buff *skb,
case RXRPC_SECURITY_PLAIN:
return 0;
case RXRPC_SECURITY_AUTH:
- return rxkad_verify_packet_1(call, skb, offset, len, seq);
+ return rxkad_verify_packet_1(call, skb, offset, len, seq, req);
case RXRPC_SECURITY_ENCRYPT:
return rxkad_verify_packet_2(call, skb, offset, len, seq);
default:
-Kees
--
Kees Cook
Pixel Security
next prev parent reply other threads:[~2018-07-12 20:30 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-11 20:36 [PATCH v4 00/14] crypto: Remove VLA usage Kees Cook
2018-07-11 20:36 ` [PATCH v4 01/14] crypto: xcbc: " Kees Cook
2018-07-11 20:36 ` [PATCH v4 02/14] crypto: cbc: " Kees Cook
2018-07-11 20:36 ` [PATCH v4 03/14] crypto: shash: " Kees Cook
2018-07-11 20:36 ` [PATCH v4 04/14] dm integrity: " Kees Cook
2018-07-11 20:36 ` [PATCH v4 05/14] crypto: ahash: " Kees Cook
2018-07-11 20:36 ` [PATCH v4 06/14] dm verity fec: " Kees Cook
2018-07-11 20:36 ` [PATCH v4 07/14] crypto alg: Introduce generic max blocksize and alignmask Kees Cook
2018-07-11 20:36 ` [PATCH v4 08/14] crypto: qat: Remove VLA usage Kees Cook
2018-07-11 20:36 ` [PATCH v4 09/14] crypto: shash: Remove VLA usage in unaligned hashing Kees Cook
2018-07-11 20:36 ` [PATCH v4 10/14] kbuild: Introduce FRAME_WARN_BUMP_FLAG Kees Cook
2018-07-11 20:36 ` [PATCH v4 11/14] treewide: Prepare to remove VLA usage for AHASH_REQUEST_ON_STACK Kees Cook
2018-07-12 16:02 ` Arnd Bergmann
2018-07-12 20:17 ` Kees Cook
2018-07-12 21:38 ` Arnd Bergmann
2018-07-13 0:40 ` Herbert Xu
2018-07-13 3:33 ` Kees Cook
2018-07-13 3:44 ` Herbert Xu
2018-07-13 5:17 ` Kees Cook
2018-07-13 5:20 ` Herbert Xu
2018-07-13 6:00 ` Kees Cook
2018-07-13 10:14 ` Arnd Bergmann
2018-07-15 4:28 ` Kees Cook
2018-07-17 20:59 ` Arnd Bergmann
2018-07-18 14:50 ` Ard Biesheuvel
2018-07-18 15:19 ` Ard Biesheuvel
2018-07-18 15:33 ` Arnd Bergmann
2018-07-18 15:33 ` Ard Biesheuvel
2018-07-19 2:51 ` Kees Cook
2018-07-19 2:55 ` Ard Biesheuvel
2018-07-19 3:09 ` Kees Cook
2018-07-19 3:13 ` Ard Biesheuvel
2018-07-19 14:54 ` Ard Biesheuvel
2018-07-19 18:44 ` Kees Cook
2018-07-13 6:16 ` Kees Cook
2018-07-13 6:22 ` Herbert Xu
2018-07-14 3:07 ` Kees Cook
2018-07-15 2:44 ` Herbert Xu
2018-07-15 2:59 ` Kees Cook
2018-07-16 0:01 ` Herbert Xu
2018-07-16 3:39 ` Kees Cook
2018-07-16 7:24 ` Arnd Bergmann
2018-07-11 20:36 ` [PATCH v4 12/14] crypto: ahash: Remove " Kees Cook
2018-07-11 20:36 ` [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK Kees Cook
2018-07-12 15:11 ` Arnd Bergmann
2018-07-12 20:23 ` Kees Cook
2018-07-12 20:30 ` Kees Cook [this message]
2018-07-12 21:15 ` Arnd Bergmann
2018-07-12 21:38 ` Kees Cook
2018-07-12 21:28 ` David Howells
2018-07-12 21:34 ` Kees Cook
2018-07-12 22:05 ` David Howells
2018-07-11 20:36 ` [PATCH v4 14/14] crypto: skcipher: Remove " Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGXu5jK7iRv1HE7JgW95vTgg5vhye4dxjfoQyN3G7HZzp7nZhA@mail.gmail.com \
--to=keescook@chromium.org \
--cc=agk@redhat.com \
--cc=arnd@arndb.de \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dm-devel@redhat.com \
--cc=ebiggers@google.com \
--cc=giovanni.cabiddu@intel.com \
--cc=gustavo@embeddedor.com \
--cc=herbert@gondor.apana.org.au \
--cc=larper@axis.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=qat-linux@intel.com \
--cc=rabinv@axis.com \
--cc=snitzer@redhat.com \
--cc=tim.c.chen@linux.intel.com \
--cc=yamada.masahiro@socionext.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).