Received: by 10.192.165.148 with SMTP id m20csp4143456imm;
        Mon, 23 Apr 2018 20:14:55 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/2A6dyboPd/XIdgxgPpOnIrp5dJFdhlBTg3Q7AC19JkN9D779vzPQaXFZAxos2iVJjN0iC
X-Received: by 2002:a17:902:2a43:: with SMTP id i61-v6mr23647018plb.54.1524539695371;
        Mon, 23 Apr 2018 20:14:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524539695; cv=none;
        d=google.com; s=arc-20160816;
        b=B/lWldOIKPxRAqkoG2MGLPkZh1h31kH2RJGwLgVfNCluBzbIZbNRFqrVgL0zbFNCJA
         5xnG3M5vTqPBoLyZ+YL8miaVYr5VTxAFLg80ddvRJ9o/ZOpgofEsaHtBmukvzcFAYONi
         LWKtuAz4TVqo0r0nSUrqKPzU2Kn+iQTUCipUGRETPnkTUzji8elW7bw4YFHAO4FLhAaU
         Gpl/bTc7JKr20aQbLtg7wPjG0N3FduKYBRvSTCEl8kpktrGybvwFTI64tG/ILCQdqaB5
         u0zqFWz0fvGn7BUby5mkncaJvCrwAYvIfK9FxFbxxkMhfg6tUGXb32o/Xkj2ONM05KbM
         zzVw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=OJqyR4OrhkcwYBtwzsSU8YLhkBfAj/+05OeJn6O3w7Q=;
        b=mJ1+YH8yJhTatdKtZOIDXQtm/00seObZHFKeZW7zE3LiHLzyoDHROik6C+7SzgBUFI
         SJlQCK/dx82DZxCNw15wmEZnmNs/cNGht6m26B7vMoL6iaRqRp6MSohvAwy9YYDWBy9b
         K3OALvxrzrEyn0rgEaT36VLM148Y/eJMaYqDFNRDUALfDkQA7xUYBMaqzN12cEBl0Y/i
         3NoOKl7eoehxo3Ut9+B9S0TyWHBnudS7tcssmIOezM4Vi05OrsBWucM6PKhD7WDQCydD
         pDKwl7xGmB1d93iVrX+ZQUOd0wNwAZxxaJJf1haH7AroCRH1nE+QUZulj59qtiv+mBp0
         Gxsg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=M0wY0HWW;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id a23si8670372pfh.295.2018.04.23.20.14.39;
        Mon, 23 Apr 2018 20:14:55 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@tycho-ws.20150623.gappssmtp.com header.s=20150623 header.b=M0wY0HWW;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932810AbeDXDNa (ORCPT <rfc822;learnos2017@gmail.com>
        + 99 others); Mon, 23 Apr 2018 23:13:30 -0400
Received: from mail-io0-f193.google.com ([209.85.223.193]:42884 "EHLO
        mail-io0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932776AbeDXDN2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 23 Apr 2018 23:13:28 -0400
Received: by mail-io0-f193.google.com with SMTP id a10-v6so3020955ioc.9
        for <linux-kernel@vger.kernel.org>; Mon, 23 Apr 2018 20:13:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=tycho-ws.20150623.gappssmtp.com; s=20150623;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=OJqyR4OrhkcwYBtwzsSU8YLhkBfAj/+05OeJn6O3w7Q=;
        b=M0wY0HWWjNe7F82Q27eCmvZAus+Mxf3Nan8o59f+tA+FqtyTxfacI5PztR/EdB2yMC
         JFFLJYTjcGDRhr5oUy3XZ0dnp7RtMFaLqqePAOMeYKjD5bRMs+jtYZUHi3dJz+zxCNBo
         Mb7YpSHVM4Bwd4Pj4SBk0aZ/hLHgyKhvekAfdyP3Ixlt2ex9e2qoyXv2nSzhH0ELzsw7
         t3b1ML1aXNvsQRdzcu2TzUzX6coL7YOV+M2TWfUmc7R8j3sVAegbQeoqVyel/mWjTUsM
         ypOnxKnOgZ6lTWp+po5slxERrOGFAcys95Yu8JFpdSMIv+bchABHbDSbYjDYzj3ETitO
         udZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=OJqyR4OrhkcwYBtwzsSU8YLhkBfAj/+05OeJn6O3w7Q=;
        b=d+0HgpmEsDqT1Yx3JKJV3hUNLo35J84GLHn5sYbbof7XQFpNQYX96CzFRuqm6gJ5/e
         45Y19bY5RkcESrcdhfXb9FALFwhu2J/Lz/M9kyKyfSo9JqkoOAhFlSrUIK3BvPpGNEKw
         wYzhbme3kcLh9iHdkBfR1W1bCDenf5GPd3nwsCAJEtSlnASRr3hbfV8zaAH2hI8AG/mn
         lB3tj0B/ajl6FRfF7TCsv6wWCdsu59vx8pgn4PoqBMEGAZUe8xXorLPy9xHw5mp276GJ
         YIWOPmmHNsTP76wqzFMxnfNzZ8lvILESmSzcHJnpGvung17NmEnYaFdFhNAKw5iNYRkf
         0WZw==
X-Gm-Message-State: ALQs6tDSJFymMox+I0Uf855nl3tGtDefpt3O2WLp8qAppBO0k13aNcwq
        XebrcsXdi9qba0nzOTLPYvx7qw==
X-Received: by 2002:a6b:8753:: with SMTP id j80-v6mr23493865iod.14.1524539607822;
        Mon, 23 Apr 2018 20:13:27 -0700 (PDT)
Received: from cisco (174-16-199-190.hlrn.qwest.net. [174.16.199.190])
        by smtp.gmail.com with ESMTPSA id 67-v6sm6576869iow.4.2018.04.23.20.13.25
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 23 Apr 2018 20:13:26 -0700 (PDT)
Date:   Mon, 23 Apr 2018 21:13:24 -0600
From:   Tycho Andersen <tycho@tycho.ws>
To:     David Howells <dhowells@redhat.com>
Cc:     keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com,
        James Morris <jmorris@namei.org>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Eric Biggers <ebiggers3@gmail.com>
Subject: Re: [PATCH 3/3] dh key: get rid of stack allocated array for zeroes
Message-ID: <20180424031324.GA3125@cisco>
References: <20180424010321.14739-1-tycho@tycho.ws>
 <20180424010321.14739-3-tycho@tycho.ws>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180424010321.14739-3-tycho@tycho.ws>
User-Agent: Mutt/1.9.4 (2018-02-28)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Apr 23, 2018 at 07:03:21PM -0600, Tycho Andersen wrote:
> We're interested in getting rid of all of the stack allocated arrays in
> the kernel: https://lkml.org/lkml/2018/3/7/621
> 
> This case is interesting, since we really just need an array of bytes that
> are zero. The loop already ensures that if the array isn't exactly the
> right size that enough zero bytes will be copied in. So, instead of
> choosing this value to be the size of the hash, let's just choose it to be
> 256, since that is a common size, is not to big, and will not result in too
> many extra iterations of the loop.
> 
> v2: split out from other patch, just hardcode array size instead of
>     dynamically allocating something the right size
> 
> Signed-off-by: Tycho Andersen <tycho@tycho.ws>
> CC: David Howells <dhowells@redhat.com>
> CC: James Morris <jmorris@namei.org>
> CC: "Serge E. Hallyn" <serge@hallyn.com>
> CC: Eric Biggers <ebiggers3@gmail.com>
> ---
>  security/keys/dh.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/security/keys/dh.c b/security/keys/dh.c
> index 9fecaea6c298..74f8a853872e 100644
> --- a/security/keys/dh.c
> +++ b/security/keys/dh.c
> @@ -162,8 +162,8 @@ static int kdf_ctr(struct kdf_sdesc *sdesc, const u8 *src, unsigned int slen,
>  			goto err;
>  
>  		if (zlen && h) {
> -			u8 tmpbuffer[h];
> -			size_t chunk = min_t(size_t, zlen, h);
> +			u8 tmpbuffer[256];

Whoops, this should be 32, not 256. That shouldn't make any runtime
difference, but it'll closer match the allocation patterns from
before.

I'll let this sit for a bit and send v3.

Tycho