Received: by 10.213.65.68 with SMTP id h4csp1177594imn;
        Sat, 7 Apr 2018 20:20:16 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/Jp6cNFkoeEvtBnpjg5MlPEY1DdOlw+a+9uJWMuCNFleeblDS43ib3yxoqsO1t1N+HZELh
X-Received: by 2002:a17:902:108a:: with SMTP id c10-v6mr33685195pla.22.1523157616789;
        Sat, 07 Apr 2018 20:20:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1523157616; cv=none;
        d=google.com; s=arc-20160816;
        b=KDXSxaIBPg7aSRglWJQ/gyDkxlT9ExK+LZSo77ccMnBMrKMaZWaLAArP2WvWlzPXK9
         oTzUPh9lppv0W/KfQvcNXJP2DNpvzJFAbOUnk+JIwkSUdo7FJxKIF/cYyJD4qz53liKl
         tV6sVkOmyAJWLzIqKmQCwc4NSlY0TrgbJFXiPfWqP9lt91FgKMs/Ecumagi6jgjVPlU8
         3myxRHjLr6eV4So9y5s7WBWaqhGCxF6nb6AFK0sp7TgVUy7xfc5AKtvlxZVFKTdf6UfF
         Vi3jxZu7EuIdmbZzMZnwTYPb9kGYrdkZnmzdvBvdeqBTnCJKWTE53BZdSNBqe6B2fatm
         pHUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=BCklTb1ilLtiiibpZEmX1ZzWKMK5NdnLVRkDECek0Os=;
        b=0dGpPFQYpdo0O1JO+n/2BS01VyAnGuGFg1ced7ULmmp74dgdYipanO844jOtyBW2hx
         sGeeicAmPQjl2WF2Di/+w80FDNgARzWKWvR6CkW3jJml0u/Muym0vbV543BVL/VMxM50
         gTdGds6x4K1Fp/9YFs+E7uYnOXrGUTXhTwNfAK9EuZ8jr4ry7H0YkZWi74stT/IF9ucQ
         z42d0iRQJEEGPFWU/Tp+/nOGzKML5Iz/+IeTlKfdsB69aWuopNHBssPxJ7thmx4oww0O
         dBScyKt3IkFM2kBuGMrmvaG1dEQ4z6+UkHLxV3REyAuu8z6T7ELeTzlczwN/lmd1pSZF
         yaJQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i128si10453637pfg.343.2018.04.07.20.19.40;
        Sat, 07 Apr 2018 20:20:16 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752774AbeDHDQz (ORCPT <rfc822;kkoh.linux@gmail.com>
        + 99 others); Sat, 7 Apr 2018 23:16:55 -0400
Received: from orcrist.hmeau.com ([104.223.48.154]:57176 "EHLO
        deadmen.hmeau.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752594AbeDHDQx (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 7 Apr 2018 23:16:53 -0400
Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar)
        by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian))
        id 1f50p1-0006HH-HE; Sun, 08 Apr 2018 11:16:51 +0800
Received: from herbert by gondobar with local (Exim 4.84_2)
        (envelope-from <herbert@gondor.apana.org.au>)
        id 1f50oW-0006a2-2n; Sun, 08 Apr 2018 11:16:20 +0800
Date:   Sun, 8 Apr 2018 11:16:20 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Salvatore Mesoraca <s.mesoraca16@gmail.com>
Cc:     linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com,
        linux-crypto@vger.kernel.org,
        "David S. Miller" <davem@davemloft.net>,
        Kees Cook <keescook@chromium.org>,
        Eric Biggers <ebiggers3@gmail.com>,
        Laura Abbott <labbott@redhat.com>
Subject: Re: [PATCH 3/6] crypto: api - avoid VLA use
Message-ID: <20180408031619.GB25197@gondor.apana.org.au>
References: <1523126303-23205-1-git-send-email-s.mesoraca16@gmail.com>
 <1523126303-23205-4-git-send-email-s.mesoraca16@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1523126303-23205-4-git-send-email-s.mesoraca16@gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Apr 07, 2018 at 08:38:20PM +0200, Salvatore Mesoraca wrote:
>
>  int crypto_init_cipher_ops(struct crypto_tfm *tfm)
>  {
> +	const unsigned long alignmask = crypto_tfm_alg_alignmask(tfm);
> +	const unsigned int size = crypto_tfm_alg_blocksize(tfm);
>  	struct cipher_tfm *ops = &tfm->crt_cipher;
>  	struct cipher_alg *cipher = &tfm->__crt_alg->cra_cipher;
>  
> +	if (size > MAX_BLOCKSIZE || alignmask > MAX_ALIGNMASK)
> +		return -EINVAL;
> +

This check should be done when the algorithm is registered.  Perhaps
crypto_check_alg.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt