Received: by 10.213.65.68 with SMTP id h4csp1403131imn; Sun, 8 Apr 2018 02:40:10 -0700 (PDT) X-Google-Smtp-Source: AIpwx49h7i8k02GLOuQuR4pFuB6kazbt2JKDUusRUA9lq2VSEw+2E3lbRTi864usxtvZDkfiLpx/ X-Received: by 2002:a17:902:228:: with SMTP id 37-v6mr34415656plc.141.1523180409957; Sun, 08 Apr 2018 02:40:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523180409; cv=none; d=google.com; s=arc-20160816; b=GoQVQkYEnjrHNzxBVL6GailIxwdfPLAkXteTlzW6UBvpn6wjQevHq2JP3Zz4P6oN9u EVM3UeQIbwc2+WKkwblyP0IQp+SrRKC0rz4Ctf7BmafLU48Xyj1vFVuN+MSu+TPIFhgE ox/nhaXSMP15UcUzJkDLSjSF2VMG+KCG4op0OBXDF05a33qGPkuDfM5BatKLlHkp1Iyh NHercAY1xRXRDRMkxFFX4AJ9nAY+bWxWgHoybvFKRWvgDcs8pqaI5F3fiofZ4R/sGJk6 teJIp5yZWqJC+NrZIle/PqKzkEbrD3B/F0FMQXzhkjRM/E+ZeIsSVFbX8QROX/NlxI4u LjGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=kGjzDJpnHEu4U/ZnYuasmd2evtUBy8zSWfjxwlzLlJU=; b=hqsJUGgGNF97cKgQFKEjq+w54h9eHvdTdezQda8lZeuRxyBF/9pzfIiF8DbyrgqKcw qXgwx+Quba0Yoo68yLbMNVnbRY04kY9mOVnWGkC57cYCjIC5skeKy9TN++npMjI3GgF8 iKTYzK92zuy+M6IFfB0tvSZxbhOVitL2are0GiO071Nh/lHKKkTI2u3vsXQQYHCblCto DhbPRj3NHWyC5cvNdIF8JshcO/q1HtYlvohj9iweWIdL+rYltlmLm9WnrIaIrcMZi4aK YsWYC/oWpA8DFTHlNP61RiAl9gJfo6gvKaaWch5mDbZu5M2VArftqvqfq/crx5h+5sCr yStw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=qhbyn5GZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z69si10905803pfk.321.2018.04.08.02.39.33; Sun, 08 Apr 2018 02:40:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=qhbyn5GZ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752594AbeDHI7K (ORCPT + 99 others); Sun, 8 Apr 2018 04:59:10 -0400 Received: from mail-ua0-f194.google.com ([209.85.217.194]:44981 "EHLO mail-ua0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751697AbeDHI7J (ORCPT ); Sun, 8 Apr 2018 04:59:09 -0400 Received: by mail-ua0-f194.google.com with SMTP id r16so3210443uak.11; Sun, 08 Apr 2018 01:59:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=kGjzDJpnHEu4U/ZnYuasmd2evtUBy8zSWfjxwlzLlJU=; b=qhbyn5GZHFTnciJBCfOqMbPgR/7CRQcjajKl4NX4wHG7IClPFfcGF78y3amrnFcPAx PBW4uvp4BjcV7p6gMw1+pZJokXF0QJS/+PLBWpr8KkIlf6OGYrebLNr3WK1VMehMQf8W RfRoK2KypYQVUC55E5B6gBt7Vtq99XwuivXJ8jwWoHmcxgSg2Ye6tW8OE2I72uLCknWa fWbHvkMd9gc1EUGgHgrZcoYs1zVyClLhYSpoJliuG/SBIA9boGCLR3TsbMOkRqmnUM65 TseB/CIcTaw+7jPm1I7/2I8ssp3uKfJ7do4AXDQAcf3ImGG7zfLQlyGeBsRUC2tQVdNa DPpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=kGjzDJpnHEu4U/ZnYuasmd2evtUBy8zSWfjxwlzLlJU=; b=nXIIq1pLGYciFWki2pU9y4nvj0u+jyHU6qkbUE3h6igXCGFFl7QWxo2DT8OhlR3LV6 sguIYh3qDN4CIR7kLw1nWWlFSQ1r/yD/IkL1KVyWGEeH4na6ImTucd1AKn9juNHMG8hd 1YDJOZG0pncG3JdbooGApxnvSH7c0DqbEuOuLnz/nMg2HnKKvh7giqvpvQ/KcJXeXtsY I0DGD9C2qYwznzwWvVPDAiFzyP/XIQ27/l5J0rXtOIBHqhhNB0IXp+IfIQ9cIcD+aFhj x8UzneQwb+2Wk+5QOcfxx96l10yV1PclHtuXtSFBQn8RIzR9HylcHE2Pe6EvY4Tumbqo vaqQ== X-Gm-Message-State: ALQs6tDuRgdSYRWhcrsJkOBHc2tLYLJ6iRJZ2G63wxyVzi4/wJpCp/nc txLqUFplhWOhcLbbWOMLqyHIPRu04LO9AxmyWpU= X-Received: by 10.159.49.94 with SMTP id n30mr21729018uab.169.1523177948621; Sun, 08 Apr 2018 01:59:08 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.179.9 with HTTP; Sun, 8 Apr 2018 01:58:48 -0700 (PDT) In-Reply-To: <20180408031935.GC25197@gondor.apana.org.au> References: <1523126303-23205-1-git-send-email-s.mesoraca16@gmail.com> <1523126303-23205-3-git-send-email-s.mesoraca16@gmail.com> <20180408031935.GC25197@gondor.apana.org.au> From: Salvatore Mesoraca Date: Sun, 8 Apr 2018 10:58:48 +0200 Message-ID: Subject: Re: [PATCH 2/6] crypto: ctr - avoid VLA use To: Herbert Xu Cc: linux-kernel@vger.kernel.org, Kernel Hardening , linux-crypto@vger.kernel.org, "David S. Miller" , Kees Cook , Eric Biggers , Laura Abbott Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 018-04-08 5:19 GMT+02:00 Herbert Xu : > On Sat, Apr 07, 2018 at 08:38:19PM +0200, Salvatore Mesoraca wrote: >> >> @@ -206,6 +207,14 @@ static struct crypto_instance *crypto_ctr_alloc(struct rtattr **tb) >> if (alg->cra_blocksize < 4) >> goto out_put_alg; >> >> + /* Block size must be <= MAX_BLOCKSIZE. */ >> + if (alg->cra_blocksize > MAX_BLOCKSIZE) >> + goto out_put_alg; >> + >> + /* Alignmask must be <= MAX_ALIGNMASK. */ >> + if (alg->cra_alignmask > MAX_ALIGNMASK) >> + goto out_put_alg; >> + > > Since you're also adding a check to cipher algorithms in general, > none of these individual checks are needed anymore. Fair enough. After removing the individual checks the modification to the single files will be just a couple of lines, is it OK for you if I collapse all of them in just a single commit? Thank you, Salvatore