Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755936AbdC1WD3 (ORCPT ); Tue, 28 Mar 2017 18:03:29 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:46855 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752325AbdC1WD0 (ORCPT ); Tue, 28 Mar 2017 18:03:26 -0400 Subject: Re: [PATCH 1/1] apparmor: use SHASH_DESC_ON_STACK To: Nicolas Iooss , James Morris , "Serge E. Hallyn" , linux-security-module@vger.kernel.org References: <20170305143058.2554-1-nicolas.iooss_linux@m4x.org> Cc: linux-kernel@vger.kernel.org From: John Johansen Organization: Canonical Message-ID: Date: Tue, 28 Mar 2017 15:02:47 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-Version: 1.0 In-Reply-To: <20170305143058.2554-1-nicolas.iooss_linux@m4x.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3320 Lines: 102 On 03/05/2017 06:30 AM, Nicolas Iooss wrote: > When building the kernel with clang, the compiler fails to build > security/apparmor/crypto.c with the following error: > > security/apparmor/crypto.c:36:8: error: fields must have a constant > size: 'variable length array in structure' extension will never be > supported > char ctx[crypto_shash_descsize(apparmor_tfm)]; > ^ > > Since commit a0a77af14117 ("crypto: LLVMLinux: Add macro to remove use > of VLAIS in crypto code"), include/crypto/hash.h defines > SHASH_DESC_ON_STACK to work around this issue. Use it in aa_calc_hash() > and aa_calc_profile_hash(). > > Signed-off-by: Nicolas Iooss Acked-by: John Johansen I'll pull it into my tree and send it up this week > --- > security/apparmor/crypto.c | 32 +++++++++++++------------------- > 1 file changed, 13 insertions(+), 19 deletions(-) > > diff --git a/security/apparmor/crypto.c b/security/apparmor/crypto.c > index de8dc78b6144..136f2a047836 100644 > --- a/security/apparmor/crypto.c > +++ b/security/apparmor/crypto.c > @@ -31,10 +31,7 @@ unsigned int aa_hash_size(void) > > char *aa_calc_hash(void *data, size_t len) > { > - struct { > - struct shash_desc shash; > - char ctx[crypto_shash_descsize(apparmor_tfm)]; > - } desc; > + SHASH_DESC_ON_STACK(desc, apparmor_tfm); > char *hash = NULL; > int error = -ENOMEM; > > @@ -45,16 +42,16 @@ char *aa_calc_hash(void *data, size_t len) > if (!hash) > goto fail; > > - desc.shash.tfm = apparmor_tfm; > - desc.shash.flags = 0; > + desc->tfm = apparmor_tfm; > + desc->flags = 0; > > - error = crypto_shash_init(&desc.shash); > + error = crypto_shash_init(desc); > if (error) > goto fail; > - error = crypto_shash_update(&desc.shash, (u8 *) data, len); > + error = crypto_shash_update(desc, (u8 *) data, len); > if (error) > goto fail; > - error = crypto_shash_final(&desc.shash, hash); > + error = crypto_shash_final(desc, hash); > if (error) > goto fail; > > @@ -69,10 +66,7 @@ char *aa_calc_hash(void *data, size_t len) > int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start, > size_t len) > { > - struct { > - struct shash_desc shash; > - char ctx[crypto_shash_descsize(apparmor_tfm)]; > - } desc; > + SHASH_DESC_ON_STACK(desc, apparmor_tfm); > int error = -ENOMEM; > __le32 le32_version = cpu_to_le32(version); > > @@ -86,19 +80,19 @@ int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start, > if (!profile->hash) > goto fail; > > - desc.shash.tfm = apparmor_tfm; > - desc.shash.flags = 0; > + desc->tfm = apparmor_tfm; > + desc->flags = 0; > > - error = crypto_shash_init(&desc.shash); > + error = crypto_shash_init(desc); > if (error) > goto fail; > - error = crypto_shash_update(&desc.shash, (u8 *) &le32_version, 4); > + error = crypto_shash_update(desc, (u8 *) &le32_version, 4); > if (error) > goto fail; > - error = crypto_shash_update(&desc.shash, (u8 *) start, len); > + error = crypto_shash_update(desc, (u8 *) start, len); > if (error) > goto fail; > - error = crypto_shash_final(&desc.shash, profile->hash); > + error = crypto_shash_final(desc, profile->hash); > if (error) > goto fail; > >