Received: by 10.192.165.148 with SMTP id m20csp4050263imm;
        Mon, 23 Apr 2018 18:05:44 -0700 (PDT)
X-Google-Smtp-Source: AIpwx48TvqrVR1LdTPaEGw+kv9PqIWvymEQ0l0Lt1tAyTMHH9wV0X9MnjEFw3/PNblrwkG/w5GK1
X-Received: by 10.101.72.68 with SMTP id i4mr18462738pgs.265.1524531944825;
        Mon, 23 Apr 2018 18:05:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524531944; cv=none;
        d=google.com; s=arc-20160816;
        b=wEafJ98CNrI+U6Sbpvd/q0Ou0u4FT9L1S/F8VkY6h/XDsmSPOXb499Kwo4eK9gke4w
         BfrSA1iPSi8AnLY6yxzJtSzkqG5vB6jaEqmwTqsVGLZwpyQjMU9TlLiJRkT05TxVgz9U
         aeBbL1V5HwEvBQGX+Re2LKOvz51wbIxUkSZ/Hmy+uhPrXpQiKEFPtBZBzaLjMPJFFFSO
         2xpsVyoNdxV73QapEQiKajFLtZVV790Ws3+tsEuVb2QZSDMb3cxCjZmS6Qr2kl8OMEC0
         cEK1T4XP4m+UEQNOi2fzWcA0SNFdxmdtBRSJNZFi9CmqTt7dQNf2oSkrtE8vcAbibf8K
         23/A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:dkim-signature:arc-authentication-results;
        bh=PopBxbGfzaql5PthbzfuQy9JDtfE3NU4JPCNXim3sd4=;
        b=JbESx+uooogpM4gDki6OSuYPDMIWyzcwAlKhj1ThLVWY/Dro9sScy158KDWC91hEIO
         4HSVe/8cUbifGNlwbFlhKP1qcY+QipD7TqDlkjJvq4lFKNu0dvy17E3zwCj+faeKfvLN
         +VBMF5wqRjDV/F+yLkKTzPI+tDEJFwrWbEXhMEhqBEZRbMVf/BJnaVhmoiOsDLWVDmrB
         2PDTVcN6zndcKbpmNCUO3xsIaqD7VAHxZ76ED+1o9S/f/CqikeaGlXAewuWStp2KeIDe
         pGop0XSO7zHulV7HUongqcpkzvYqan381OoxmrEwzcVAm/gyaFk+BP1MGn+lMhwj6TYJ
         HD6w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=grndnHWa;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m26si10790762pfa.45.2018.04.23.18.05.30;
        Mon, 23 Apr 2018 18:05:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=grndnHWa;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932770AbeDXBDu (ORCPT <rfc822;learnos2017@gmail.com>
        + 99 others); Mon, 23 Apr 2018 21:03:50 -0400
Received: from mail-ot0-f194.google.com ([74.125.82.194]:35949 "EHLO
        mail-ot0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932723AbeDXBDg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 23 Apr 2018 21:03:36 -0400
Received: by mail-ot0-f194.google.com with SMTP id p2-v6so19379344otf.3
        for <linux-kernel@vger.kernel.org>; Mon, 23 Apr 2018 18:03:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=tycho-ws.20150623.gappssmtp.com; s=20150623;
        h=from:to:cc:subject:date:message-id:in-reply-to:references;
        bh=PopBxbGfzaql5PthbzfuQy9JDtfE3NU4JPCNXim3sd4=;
        b=grndnHWaqpdCqVoiT3E9FlYwUrw695Mx5oXrkHxT6A4WAkQ86Hx+6WSMxQJOx3LEEP
         afPbRxWSKYWxeonpDnun07KcA64woZ0h7OdpyhISWER8XpJNdRZ6fPHwO4geXKaSjaT3
         rqvXxL1SLe7eOmMYWurX6QZpWjWgW2LH+iMBVD2AbJM21oU2JwNNBQWl3dWGl31Fnk+U
         +Nw8hYgAcIBEy0X7lU8FP/FRXmlGhZPxA0ZJvlpeqiJdTpsQQVgPPmbX5Nvf+4eCdW8l
         MsNP5vd9tUHtE4BR7DEN6yZF0cGnAg4c4gGN/fUB9TZ70ZHUWYJfFjkbJSSkdDuWyUkt
         Ue9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references;
        bh=PopBxbGfzaql5PthbzfuQy9JDtfE3NU4JPCNXim3sd4=;
        b=kac2PcL1oyKdMvE+wosUB6RbDFepIzQcvORIigXSX/6vb/1AHX8jvgf2bJL8JvYGaI
         uccTPqR0RB/glDrkZfxoDDzF/MtjSgT3vZ9XMlqlPvw0Fzx7LZR4V6wINaVm0oNpXi71
         1W4wecHfktSWvjwMHLEtrTM7yN20Im4NLpC4aK4h6hZLL0x0nKDrOq4eN5J5Et15gWhH
         fQFQJPNKGJBLWkdRtciUjbaM5M1V66t6m+tj4cwBURC8bhDMDkTiaA1LX7NnSOgzotEa
         c7uunsSkggKpnbCOnfc5ElQi+RLLt94zE+3oQK/RnTqqkRRxdasOylzXwCdrVqQZOHI1
         gFQg==
X-Gm-Message-State: ALQs6tA0i02CbV7hhofiJIDFqiU0rn3WxDhdRijBr6fD/FH01TL3ME1F
        h2H4ejTY4plAIIAt/fxbId2HIQ==
X-Received: by 2002:a9d:400d:: with SMTP id m13-v6mr16021310ote.391.1524531816240;
        Mon, 23 Apr 2018 18:03:36 -0700 (PDT)
Received: from cisco.lan ([8.24.24.129])
        by smtp.gmail.com with ESMTPSA id n204-v6sm7410331oia.3.2018.04.23.18.03.34
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 23 Apr 2018 18:03:35 -0700 (PDT)
From:   Tycho Andersen <tycho@tycho.ws>
To:     David Howells <dhowells@redhat.com>
Cc:     keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com,
        Tycho Andersen <tycho@tycho.ws>,
        James Morris <jmorris@namei.org>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Eric Biggers <ebiggers3@gmail.com>
Subject: [PATCH 3/3] dh key: get rid of stack allocated array for zeroes
Date:   Mon, 23 Apr 2018 19:03:21 -0600
Message-Id: <20180424010321.14739-3-tycho@tycho.ws>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180424010321.14739-1-tycho@tycho.ws>
References: <20180424010321.14739-1-tycho@tycho.ws>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

We're interested in getting rid of all of the stack allocated arrays in
the kernel: https://lkml.org/lkml/2018/3/7/621

This case is interesting, since we really just need an array of bytes that
are zero. The loop already ensures that if the array isn't exactly the
right size that enough zero bytes will be copied in. So, instead of
choosing this value to be the size of the hash, let's just choose it to be
256, since that is a common size, is not to big, and will not result in too
many extra iterations of the loop.

v2: split out from other patch, just hardcode array size instead of
    dynamically allocating something the right size

Signed-off-by: Tycho Andersen <tycho@tycho.ws>
CC: David Howells <dhowells@redhat.com>
CC: James Morris <jmorris@namei.org>
CC: "Serge E. Hallyn" <serge@hallyn.com>
CC: Eric Biggers <ebiggers3@gmail.com>
---
 security/keys/dh.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/security/keys/dh.c b/security/keys/dh.c
index 9fecaea6c298..74f8a853872e 100644
--- a/security/keys/dh.c
+++ b/security/keys/dh.c
@@ -162,8 +162,8 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
 			goto err;
 
 		if (zlen && h) {
-			u8 tmpbuffer[h];
-			size_t chunk = min_t(size_t, zlen, h);
+			u8 tmpbuffer[256];
+			size_t chunk = min_t(size_t, zlen, sizeof(tmpbuffer));
 			memset(tmpbuffer, 0, chunk);
 
 			do {
@@ -173,7 +173,7 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
 					goto err;
 
 				zlen -= chunk;
-				chunk = min_t(size_t, zlen, h);
+				chunk = min_t(size_t, zlen, sizeof(tmpbuffer));
 			} while (zlen);
 		}
 
-- 
2.17.0