Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1163933imm; Wed, 20 Jun 2018 12:46:12 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKJqeihuTVjSWuJfNoEmN7cpN9W2wR1290UmeQxOsEM53SIMZhv8z6f5UDIVNT/6m42jTNN X-Received: by 2002:a63:b004:: with SMTP id h4-v6mr3246593pgf.340.1529523972056; Wed, 20 Jun 2018 12:46:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529523972; cv=none; d=google.com; s=arc-20160816; b=IYRAw0xhxEV2RtF7HAbsziItHbv8v6zqYU/F1nJdmLTDQcnedbPERA/edL+/Yxyq7N o+tbqRgWwJY1NRPi14m+fub7ixcbCPB6dJiu6cVVVzLBS/DOmNrBZTmiu6xpHZ0GwQ8z qyDTm0vIS19NT4AdUOeUSLuzgP2VhC3DcKxqzhz13hD9obmvbgdrNbioCdMMAIPocf9D ZQSKcUNjpAw+WP7i9+syDe3GE3FKJta5bMOQYl/z1oTm/yMYE0gNQyBP4EO3GiJk3aR/ ajuxDm5OrJMU0nZMSCbA+069Y1SiruW5tqyOy7m3hcEEZzDXEqb8S8dgeKJlTedh7d9+ x0HA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=6gdsOwhHlG5vMSR+TDUjQBCG+Q+EF4G5SNblkbYJZ3Q=; b=XvbOcqe9ZFoK9rIIjV8qIctlRrUOrLepkorXaSTS/x85KoBpvdKJnxnRxpieOVP78b OPXEY8Y/vLwUUEW8+ChKzZyIZVk5fPzXNdswtkIqmJ8t/tGO4wWnFRaUXur3cAkYyuby 6qv7i9pDaKfKqolJuTLWHhL97YZxtpGncErckySIzR3am6Dlj1ugzhPbZvMm+dh2PUaN AefuYeUUc/clzkNwusvD6uaOnUqzYxmDdDw40s3wYIuS5ZXVqEhhcGw0Tg+GFKZs72Xi JutXXKNkhdsBnUUUVM6XTVBsu5a08NoKDQTD91IT0pV6TUWLg0/IgLEEcIZo79SsAoqU eO9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=g7OuKtJR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d37-v6si3010928plb.481.2018.06.20.12.45.57; Wed, 20 Jun 2018 12:46:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=g7OuKtJR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933004AbeFTToq (ORCPT + 99 others); Wed, 20 Jun 2018 15:44:46 -0400 Received: from mail-lf0-f68.google.com ([209.85.215.68]:44318 "EHLO mail-lf0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932184AbeFTTop (ORCPT ); Wed, 20 Jun 2018 15:44:45 -0400 Received: by mail-lf0-f68.google.com with SMTP id p23-v6so1043308lfh.11; Wed, 20 Jun 2018 12:44:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=6gdsOwhHlG5vMSR+TDUjQBCG+Q+EF4G5SNblkbYJZ3Q=; b=g7OuKtJRAHCKBYwaQfhOZYktEfZMpUrN+NuewtOkLjWwuwhXDJ5Gxp6DbUq3GdNfOV pn41FMhvKmkhv7HlPZKlAApjUfRWVAjVozfSmbQgEioFiGC5HoKkwFdNcMZkOTaySvDK saV+2K7YAECitI44e2GZLjM1jhXp3Sms4iPhffmyFslOYxSLnLuawy4JZGxZlKm197cp /K9FO92axsytAVoihIDMTaUJHEWxfVp2DRm6PN0TSaajnqWnycIB+HLH/N2oANi8zwVQ YGwR3U845T0y3w8kPTHU3h3AFnpJkuhTYR1eyv5JOiMxfZFVLOA0fxBbrti8vsKaGtZR 79mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=6gdsOwhHlG5vMSR+TDUjQBCG+Q+EF4G5SNblkbYJZ3Q=; b=SVJ2mAl6CU1YTwZKSFu5exwiTD5RqTWw7yZXbJLc8LI09qnJI0QwARggazPU9+EQFo 04nk5Hxf3P+sFg7lFtvhdTh/FhPUlSsU6gzspPkOmIwRL1G/oW5nz5HteNhID3135X/W GmytCAHi69aB7RnFu4a2/OSGHG64RwRI6fIdPnU+cPHGLrWIAjGIph5wBq7VoUPYTqPI 8aIPSRbo//QVQFbi1BZ4uEo3IYTL5Au1osZ1uie30nzcBl3bBbJzEJJvIloyfUqgsLDq 001b1O0uCQa5nnUnGXvGAE4P1eDN+YQTYLcZ42SdzbiIXLjBHAvS89LeCPFZDaWYrX9G oNIQ== X-Gm-Message-State: APt69E3ZbK6DitmGxJgyifPOYo1xJA7wxgy8MSHt8Uwxfs8OaX2D3QU0 zTFmyM1pN4KPEexIAsVLFl4z62C9YSjywsuL6Ic= X-Received: by 2002:a2e:40d9:: with SMTP id r86-v6mr14984171lje.19.1529523883672; Wed, 20 Jun 2018 12:44:43 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a2e:56c8:0:0:0:0:0 with HTTP; Wed, 20 Jun 2018 12:44:42 -0700 (PDT) In-Reply-To: <20180620190408.45104-12-keescook@chromium.org> References: <20180620190408.45104-1-keescook@chromium.org> <20180620190408.45104-12-keescook@chromium.org> From: Arnd Bergmann Date: Wed, 20 Jun 2018 21:44:42 +0200 X-Google-Sender-Auth: QBeswwwygk5-vsg-S4bWtBVFYFw Message-ID: Subject: Re: [PATCH 11/11] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK To: Kees Cook Cc: Herbert Xu , "Gustavo A. R. Silva" , Alasdair Kergon , Eric Biggers , Giovanni Cabiddu , Lars Persson , Mike Snitzer , Rabin Vincent , Tim Chen , "David S. Miller" , "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , qat-linux@intel.com, dm-devel@redhat.com, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 20, 2018 at 9:04 PM, Kees Cook wrote: > In the quest to remove all stack VLA usage from the kernel[1], this > caps the skcipher request size similar to other limits and adds a sanity > check at registration. > > > +#define SKCIPHER_MAX_REQSIZE (PAGE_SIZE / 8) > + > #define SKCIPHER_REQUEST_ON_STACK(name, tfm) \ > char __##name##_desc[sizeof(struct skcipher_request) + \ > - crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR; \ > + SKCIPHER_MAX_REQSIZE] CRYPTO_MINALIGN_ATTR; \ > struct skcipher_request *name = (void *)__##name##_desc > This is probably a bad idea on kernels with large values of PAGE_SIZE. Some users on ppc64 and arm64 use 64KB here, but still limit the per-function stack size to 2KB. Arnd