From: Kees Cook <keescook@chromium.org>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Kees Cook <keescook@chromium.org>,
Jamie Iles <jamie@jamieiles.com>,
linux-arm-kernel@lists.infradead.org,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Eric Biggers <ebiggers@google.com>,
linux-crypto <linux-crypto@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: [PATCH crypto-next 22/23] crypto: picoxcell - Remove VLA usage of skcipher
Date: Tue, 18 Sep 2018 19:10:59 -0700 [thread overview]
Message-ID: <20180919021100.3380-23-keescook@chromium.org> (raw)
In-Reply-To: <20180919021100.3380-1-keescook@chromium.org>
In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.
[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
Cc: Jamie Iles <jamie@jamieiles.com>
Cc: linux-arm-kernel@lists.infradead.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
drivers/crypto/picoxcell_crypto.c | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c
index 321d5e2ac833..a28f1d18fe01 100644
--- a/drivers/crypto/picoxcell_crypto.c
+++ b/drivers/crypto/picoxcell_crypto.c
@@ -171,7 +171,7 @@ struct spacc_ablk_ctx {
* The fallback cipher. If the operation can't be done in hardware,
* fallback to a software version.
*/
- struct crypto_skcipher *sw_cipher;
+ struct crypto_sync_skcipher *sw_cipher;
};
/* AEAD cipher context. */
@@ -799,17 +799,17 @@ static int spacc_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
* Set the fallback transform to use the same request flags as
* the hardware transform.
*/
- crypto_skcipher_clear_flags(ctx->sw_cipher,
+ crypto_sync_skcipher_clear_flags(ctx->sw_cipher,
CRYPTO_TFM_REQ_MASK);
- crypto_skcipher_set_flags(ctx->sw_cipher,
+ crypto_sync_skcipher_set_flags(ctx->sw_cipher,
cipher->base.crt_flags &
CRYPTO_TFM_REQ_MASK);
- err = crypto_skcipher_setkey(ctx->sw_cipher, key, len);
+ err = crypto_sync_skcipher_setkey(ctx->sw_cipher, key, len);
tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
tfm->crt_flags |=
- crypto_skcipher_get_flags(ctx->sw_cipher) &
+ crypto_sync_skcipher_get_flags(ctx->sw_cipher) &
CRYPTO_TFM_RES_MASK;
if (err)
@@ -914,7 +914,7 @@ static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
struct crypto_tfm *old_tfm =
crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req));
struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(old_tfm);
- SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
+ SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
int err;
/*
@@ -922,7 +922,7 @@ static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
* the ciphering has completed, put the old transform back into the
* request.
*/
- skcipher_request_set_tfm(subreq, ctx->sw_cipher);
+ skcipher_request_set_sync_tfm(subreq, ctx->sw_cipher);
skcipher_request_set_callback(subreq, req->base.flags, NULL, NULL);
skcipher_request_set_crypt(subreq, req->src, req->dst,
req->nbytes, req->info);
@@ -1020,9 +1020,8 @@ static int spacc_ablk_cra_init(struct crypto_tfm *tfm)
ctx->generic.flags = spacc_alg->type;
ctx->generic.engine = engine;
if (alg->cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
- ctx->sw_cipher = crypto_alloc_skcipher(
- alg->cra_name, 0, CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_NEED_FALLBACK);
+ ctx->sw_cipher = crypto_alloc_sync_skcipher(
+ alg->cra_name, 0, CRYPTO_ALG_NEED_FALLBACK);
if (IS_ERR(ctx->sw_cipher)) {
dev_warn(engine->dev, "failed to allocate fallback for %s\n",
alg->cra_name);
@@ -1041,7 +1040,7 @@ static void spacc_ablk_cra_exit(struct crypto_tfm *tfm)
{
struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
- crypto_free_skcipher(ctx->sw_cipher);
+ crypto_free_sync_skcipher(ctx->sw_cipher);
}
static int spacc_ablk_encrypt(struct ablkcipher_request *req)
--
2.17.1
WARNING: multiple messages have this Message-ID (diff)
From: keescook@chromium.org (Kees Cook)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH crypto-next 22/23] crypto: picoxcell - Remove VLA usage of skcipher
Date: Tue, 18 Sep 2018 19:10:59 -0700 [thread overview]
Message-ID: <20180919021100.3380-23-keescook@chromium.org> (raw)
In-Reply-To: <20180919021100.3380-1-keescook@chromium.org>
In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.
[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA at mail.gmail.com
Cc: Jamie Iles <jamie@jamieiles.com>
Cc: linux-arm-kernel at lists.infradead.org
Signed-off-by: Kees Cook <keescook@chromium.org>
---
drivers/crypto/picoxcell_crypto.c | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/picoxcell_crypto.c b/drivers/crypto/picoxcell_crypto.c
index 321d5e2ac833..a28f1d18fe01 100644
--- a/drivers/crypto/picoxcell_crypto.c
+++ b/drivers/crypto/picoxcell_crypto.c
@@ -171,7 +171,7 @@ struct spacc_ablk_ctx {
* The fallback cipher. If the operation can't be done in hardware,
* fallback to a software version.
*/
- struct crypto_skcipher *sw_cipher;
+ struct crypto_sync_skcipher *sw_cipher;
};
/* AEAD cipher context. */
@@ -799,17 +799,17 @@ static int spacc_aes_setkey(struct crypto_ablkcipher *cipher, const u8 *key,
* Set the fallback transform to use the same request flags as
* the hardware transform.
*/
- crypto_skcipher_clear_flags(ctx->sw_cipher,
+ crypto_sync_skcipher_clear_flags(ctx->sw_cipher,
CRYPTO_TFM_REQ_MASK);
- crypto_skcipher_set_flags(ctx->sw_cipher,
+ crypto_sync_skcipher_set_flags(ctx->sw_cipher,
cipher->base.crt_flags &
CRYPTO_TFM_REQ_MASK);
- err = crypto_skcipher_setkey(ctx->sw_cipher, key, len);
+ err = crypto_sync_skcipher_setkey(ctx->sw_cipher, key, len);
tfm->crt_flags &= ~CRYPTO_TFM_RES_MASK;
tfm->crt_flags |=
- crypto_skcipher_get_flags(ctx->sw_cipher) &
+ crypto_sync_skcipher_get_flags(ctx->sw_cipher) &
CRYPTO_TFM_RES_MASK;
if (err)
@@ -914,7 +914,7 @@ static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
struct crypto_tfm *old_tfm =
crypto_ablkcipher_tfm(crypto_ablkcipher_reqtfm(req));
struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(old_tfm);
- SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
+ SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->sw_cipher);
int err;
/*
@@ -922,7 +922,7 @@ static int spacc_ablk_do_fallback(struct ablkcipher_request *req,
* the ciphering has completed, put the old transform back into the
* request.
*/
- skcipher_request_set_tfm(subreq, ctx->sw_cipher);
+ skcipher_request_set_sync_tfm(subreq, ctx->sw_cipher);
skcipher_request_set_callback(subreq, req->base.flags, NULL, NULL);
skcipher_request_set_crypt(subreq, req->src, req->dst,
req->nbytes, req->info);
@@ -1020,9 +1020,8 @@ static int spacc_ablk_cra_init(struct crypto_tfm *tfm)
ctx->generic.flags = spacc_alg->type;
ctx->generic.engine = engine;
if (alg->cra_flags & CRYPTO_ALG_NEED_FALLBACK) {
- ctx->sw_cipher = crypto_alloc_skcipher(
- alg->cra_name, 0, CRYPTO_ALG_ASYNC |
- CRYPTO_ALG_NEED_FALLBACK);
+ ctx->sw_cipher = crypto_alloc_sync_skcipher(
+ alg->cra_name, 0, CRYPTO_ALG_NEED_FALLBACK);
if (IS_ERR(ctx->sw_cipher)) {
dev_warn(engine->dev, "failed to allocate fallback for %s\n",
alg->cra_name);
@@ -1041,7 +1040,7 @@ static void spacc_ablk_cra_exit(struct crypto_tfm *tfm)
{
struct spacc_ablk_ctx *ctx = crypto_tfm_ctx(tfm);
- crypto_free_skcipher(ctx->sw_cipher);
+ crypto_free_sync_skcipher(ctx->sw_cipher);
}
static int spacc_ablk_encrypt(struct ablkcipher_request *req)
--
2.17.1
next prev parent reply other threads:[~2018-09-19 2:10 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-19 2:10 [PATCH crypto-next 00/23] crypto: skcipher - Remove VLA usage Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 01/23] crypto: skcipher - Introduce crypto_sync_skcipher Kees Cook
2018-09-24 11:48 ` Ard Biesheuvel
2018-09-24 11:48 ` Ard Biesheuvel
2018-09-19 2:10 ` [PATCH crypto-next 02/23] gss_krb5: Remove VLA usage of skcipher Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 03/23] lib80211: " Kees Cook
2018-09-19 20:37 ` Johannes Berg
2018-09-19 2:10 ` [PATCH crypto-next 04/23] mac802154: " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 05/23] s390/crypto: " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 06/23] x86/fpu: " Kees Cook
2018-09-24 11:45 ` Ard Biesheuvel
2018-09-24 11:45 ` Ard Biesheuvel
2018-09-24 17:35 ` Kees Cook
2018-09-24 17:35 ` Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 07/23] block: cryptoloop: " Kees Cook
2018-09-24 11:52 ` Ard Biesheuvel
2018-09-24 11:52 ` Ard Biesheuvel
2018-09-24 17:53 ` Kees Cook
2018-09-24 17:53 ` Kees Cook
2018-09-25 9:25 ` Ard Biesheuvel
2018-09-25 9:25 ` Ard Biesheuvel
2018-09-25 16:03 ` Jens Axboe
2018-09-25 16:03 ` Jens Axboe
2018-09-25 16:16 ` Ard Biesheuvel
2018-09-25 16:16 ` Ard Biesheuvel
2018-09-25 16:32 ` Jens Axboe
2018-09-25 16:32 ` Jens Axboe
2018-09-26 8:19 ` Ard Biesheuvel
2018-09-26 8:19 ` Ard Biesheuvel
2018-09-19 2:10 ` [PATCH crypto-next 08/23] libceph: " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 09/23] ppp: mppe: " Kees Cook
2018-09-19 2:10 ` Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 10/23] rxrpc: " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 11/23] wusb: " Kees Cook
2018-09-19 2:10 ` [crypto-next,11/23] " Kees Cook
2018-09-20 10:39 ` [PATCH crypto-next 11/23] " Greg Kroah-Hartman
2018-09-20 10:39 ` [crypto-next,11/23] " Greg Kroah-Hartman
2018-09-19 2:10 ` [PATCH crypto-next 12/23] crypto: ccp - " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 13/23] crypto: vmx " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 14/23] crypto: null " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 15/23] crypto: cryptd " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 16/23] crypto: sahara " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 17/23] crypto: qce " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 18/23] crypto: artpec6 " Kees Cook
2018-09-23 12:13 ` Lars Persson
2018-09-19 2:10 ` [PATCH crypto-next 19/23] crypto: chelsio " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 20/23] crypto: mxs-dcp " Kees Cook
2018-09-19 2:10 ` [PATCH crypto-next 21/23] crypto: omap-aes " Kees Cook
2018-09-19 2:10 ` Kees Cook [this message]
2018-09-19 2:10 ` [PATCH crypto-next 22/23] crypto: picoxcell " Kees Cook
2018-09-19 2:11 ` [PATCH crypto-next 23/23] crypto: skcipher - Remove SKCIPHER_REQUEST_ON_STACK() Kees Cook
2018-09-25 0:49 ` [PATCH crypto-next 00/23] crypto: skcipher - Remove VLA usage Kees Cook
2018-09-25 4:49 ` Herbert Xu
2018-09-25 15:39 ` Kees Cook
2018-09-28 5:08 ` Herbert Xu
2018-09-28 16:13 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180919021100.3380-23-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=ard.biesheuvel@linaro.org \
--cc=ebiggers@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=jamie@jamieiles.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.