Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp99144imm; Tue, 19 Jun 2018 16:50:16 -0700 (PDT) X-Google-Smtp-Source: ADUXVKI/EvV+udpbI7nJzsSranM5G2djHAQBWjLMLgf7z6iWL3FdePzdS/shsnTqiMHEKRYZM0TM X-Received: by 2002:a63:6107:: with SMTP id v7-v6mr16896327pgb.264.1529452216047; Tue, 19 Jun 2018 16:50:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529452216; cv=none; d=google.com; s=arc-20160816; b=oOteCtPKAvUHIey1uUgYkxkJ3LBzNWzkRK1rS+O5blNHuyJnpXXpG0u8khMTSu8LTw DO8ik6N9VKVDNJ9H/hJm9oxQVNLYouL1hk1vKJ2yoCtMj9oJ0d/FJ1zm+TuJAC+QMhYO bWIRV6jMzhwb+U9Piu/ygJQb1iR09hewzGTRm7La8m4sbig2zN/bNJpy3s/jXU2y4xmR K1PFoal27le0x4DJpT4F3dUEcqB3Ipx8UKMz663X/CY9gZvNxSQKbhTbx9QypgqyPq+V raQkT/E5my/yZ+whU7RJhRuq7XZIDGtkcgXnXNCX5CrQE2Gcj/yrrW3fUkJLaNax4k0m 59zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:dkim-signature:arc-authentication-results; bh=QvTgeUtMZUrhyxxA/IeInTAuE0XOAQekEQKiTa4yBHQ=; b=mj1Po5hQwqzFBGA7+GMD5DtjyA0kNDsD2CT9gZbMX01VF09aglNj/n11LeEkSV994A VxCuOHLGw5en6b2d4KBPheS2o42XOHLascZc7RNKOZTubNKjoHeqluhOttwTuoM7ymph /o7xwv1m/55lFHmUUVHyq4m/T36hRSm9K5lp7NQAFrYbgZyhcyPpi4xJpTLrKTSYs5qP 1i3zBDUgmz6vDyWEQkl6fHhp7xEmDlWhTXiJ4JMZ6YCDAPG5RQIC8Y24vaR6OFX6g44e HzOeNT/wsZywKNT30OlVAqbZGGqrX8R7F9VjwNajHLqPhQLUg79NDbMQAnlfKdYqbMh0 T9pw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=DI11X+hW; dkim=fail header.i=@chromium.org header.s=google header.b=cDrVhlYe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d2-v6si651556pgv.562.2018.06.19.16.50.01; Tue, 19 Jun 2018 16:50:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=DI11X+hW; dkim=fail header.i=@chromium.org header.s=google header.b=cDrVhlYe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752827AbeFSXsW (ORCPT + 99 others); Tue, 19 Jun 2018 19:48:22 -0400 Received: from mail-yw0-f194.google.com ([209.85.161.194]:35317 "EHLO mail-yw0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751003AbeFSXsT (ORCPT ); Tue, 19 Jun 2018 19:48:19 -0400 Received: by mail-yw0-f194.google.com with SMTP id v131-v6so542150ywg.2 for ; Tue, 19 Jun 2018 16:48:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=QvTgeUtMZUrhyxxA/IeInTAuE0XOAQekEQKiTa4yBHQ=; b=DI11X+hWZWDspJvMfHXNP8Qo0SC96BGQgZHXQjIt49wuDlqNCwIIrgYZTf8E9KgNIS 2tVK00ohz/0w4f/1hu1RAB8y6RM2erxdwGtMnqrRLXLa7X/OlfBPOxvKzaQ9HDjIqvtp 1/PR/IhHxbA6cc8xy3HdxY2WzmJtx1vMpY6JxIxSmCqvprv6cdZdHkQOAL4UOb859c8k Aq/qaSVuGWzbRQHUR3SNhWLEQIyR8kXh63LHBbMb0/gPCzojgjyx1aqs/RdyBb9bJX5a y8nNkOR1YYXFcv+I2mo3OtcSFnAlahZUjCzo5tC0Hdy4pvpsdCbcxe2YwCPGcyXuVGX9 wSVQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=QvTgeUtMZUrhyxxA/IeInTAuE0XOAQekEQKiTa4yBHQ=; b=cDrVhlYeBE06VJ0OWdmJOzbamdKLP0potg7sUxrJs96xl6CiT7iZh2ntSM+AwA+XMZ HebnErmJqo5Shg+TiM/PSTXmb65wxw/GgFjifcWqPQLBJBV/hon6OLUeFbU37K4gteXq QhaWOfoWHUSBBkh+gKdvVxI89sFGDBEORKaMI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-transfer-encoding; bh=QvTgeUtMZUrhyxxA/IeInTAuE0XOAQekEQKiTa4yBHQ=; b=XOyRAhCg79nOx4/GSkWDbkixnPQb5AeLu/Ooz3lvNp7QTRuEbfTT77OIUS88nyBePw AtwNO1wFKab6YSe6z6vRR31RmE24BekKt5aJV+Mw7v+BOJr1oRZCgG3EL9ciFke0pFFP M08Hi1oHO9O/9A3ilxtcoifERvtQc52ax88WLgenEXMV10DprlvsVHMbsiE0Vqrbl2eH WRDEwGr3Br7i9KClx/dam0aaOpOcRzO+UpCh6utrbMsbve6S9U/VwgAWGxOeewEuMmzC oY0JaqbwiGTrSnkikmaAJMPBNcR0HRZzP97LaF0TdwLGDBGurj6WcVWddG1PuC8cuk7K pOZw== X-Gm-Message-State: APt69E2LtcXcE9MRWkeXNRVnhVWLw+7XOoyXauKGkZf2dZph2XDF4wXi zYJyYOtE8R301EV+YFBFO7JrzH5YlJDL+ckTlj1irQ== X-Received: by 2002:a0d:d105:: with SMTP id t5-v6mr9397482ywd.53.1529452098411; Tue, 19 Jun 2018 16:48:18 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:d6c5:0:0:0:0:0 with HTTP; Tue, 19 Jun 2018 16:48:17 -0700 (PDT) In-Reply-To: <20180601110921.GC4695@parrot.com> References: <20180531184525.GA11068@beast> <20180601110921.GC4695@parrot.com> From: Kees Cook Date: Tue, 19 Jun 2018 16:48:17 -0700 X-Google-Sender-Auth: TcKai8UVlIQX8d_3AWI83Cw8oUU Message-ID: Subject: Re: [PATCH v3] lib/bch: Remove VLA usage To: Ivan Djelic Cc: Boris Brezillon , Brian Norris , David Woodhouse , Marek Vasut , Richard Weinberger , Linux mtd , LKML Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jun 1, 2018 at 4:09 AM, Ivan Djelic wrote: > On Thu, May 31, 2018 at 11:45:25AM -0700, Kees Cook wrote: >> In the quest to remove all stack VLA usage from the kernel[1], this >> allocates a fixed size stack array to cover the range needed for >> bch. This was done instead of a preallocation on the SLAB due to >> performance reasons, shown by Ivan Djelic: >> >> little-endian, type sizes: int=3D4 long=3D8 longlong=3D8 >> cpu: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz >> calibration: iter=3D4.9143=C2=B5s niter=3D2034 nsamples=3D200 m=3D13 t= =3D4 >> >> Buffer allocation | Encoding throughput (Mbit/s) >> --------------------------------------------------- >> on-stack, VLA | 3988 >> on-stack, fixed | 4494 >> kmalloc | 1967 >> >> So this change actually improves performance too, it seems. >> >> The resulting stack allocation can get rather large; without >> CONFIG_BCH_CONST_PARAMS, it will allocate 4096 bytes, which >> trips the stack size checking: >> >> lib/bch.c: In function =E2=80=98encode_bch=E2=80=99: >> lib/bch.c:261:1: warning: the frame size of 4432 bytes is larger than 20= 48 bytes [-Wframe-larger-than=3D] >> >> Even the default case for "allmodconfig" (with CONFIG_BCH_CONST_M=3D14 a= nd >> CONFIG_BCH_CONST_T=3D4) would have started throwing a warning: >> >> lib/bch.c: In function =E2=80=98encode_bch=E2=80=99: >> lib/bch.c:261:1: warning: the frame size of 2288 bytes is larger than 20= 48 bytes [-Wframe-larger-than=3D] >> >> But this is how large it's always been; it was just hidden from >> the checker because it was a VLA. So the Makefile has been adjusted to >> silence this warning for anything smaller than 4500 bytes, which should >> provide room for normal cases, but still low enough to catch any future >> pathological situations. >> >> [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=3DqPXy= dAacU1RqZWA@mail.gmail.com >> >> Signed-off-by: Kees Cook >> --- >> v3: fix r_bytes to whole-word size >> v2: switch to fixed-size stack array >> --- >> lib/Makefile | 1 + >> lib/bch.c | 23 +++++++++++++++-------- >> 2 files changed, 16 insertions(+), 8 deletions(-) > > > The patch looks good to me. It also passed my regression tests. > > Reviewed-by: Ivan Djelic > Tested-by: Ivan Djelic Thanks for the review and testing! Who's the best person to carry this patch? -Kees --=20 Kees Cook Pixel Security