Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1188563imm;
        Wed, 20 Jun 2018 13:12:17 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKLb5n/T9Hp6re2QFEGvVIZZDGr/gqN5OAIxRI16H/QK03vpYLjc7HNKis6VUZzQZnc+yJQk
X-Received: by 2002:aa7:864d:: with SMTP id a13-v6mr24054379pfo.247.1529525537393;
        Wed, 20 Jun 2018 13:12:17 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1529525537; cv=none;
        d=google.com; s=arc-20160816;
        b=nW9/Ns8eXO336/i01gyexstiLWF3USncwq83R1rB215rNQjOv0v7A0p7oBSzuCzp6q
         M6xYv3jmVKWhbwBhg7czIsTOOInga4aC4R49DELyfNcP8sMjVDq8QBkIQXvkWTUyWF4K
         IPR+ZpP0DjhiMbSVnA8yjsAKy8M9QFycQAHruNsrAINlxVHCAGUWSlOMBZxUswJEfJwG
         k2V/MIXGWjqK+xv83W+gmnWx7x2oceZYDh+6VEbQxcMljFBHlbNEBfMkP8GYI2UpR8qq
         dS3c2VkFyBL8rrlqYoQRAgjAip2qQHPxRQsmqbMiAQUrgvFBa0dcqB2Mn6jyKWO71ksR
         jWJw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=2CxTDf8oZLkQwEWg2ckBhHaJldp/8bGTmYt1Ln3CEok=;
        b=Es25Jteo/Ioe2jMerljsViLx9+3dcgl6RrAK7MJjS0HccJ19xzxQDhx8ctfDhZpjjV
         2oFskBQeCSne74m0dUcq23mjRrmKADPUguxOWDTiKby7COc1MiqWg8Krwx8dn5Kw0Aih
         NQMQ3/UX/m7GQXN3qKrnODustaaJiSvRfY2XGJcSKxKXf3h523gACzPDEY3zXDD/Oe8l
         wuIlYFIH5Ln7b8IipaRu9sVSu17qM8VTOPQ19YDBzOKIV//6e5SD9ndLWHL+owROGPmW
         uEEbVCSNoDFQAqGpdguAZppdCfOel2C4PcGC+3y86eVczp5APNHtDc3cqYyv78+6VOZG
         BKcA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o26-v6si3140904pfe.44.2018.06.20.13.12.03;
        Wed, 20 Jun 2018 13:12:17 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S933097AbeFTUJv (ORCPT <rfc822;7819ynot@gmail.com> + 99 others);
        Wed, 20 Jun 2018 16:09:51 -0400
Received: from pegase1.c-s.fr ([93.17.236.30]:30608 "EHLO pegase1.c-s.fr"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S932996AbeFTUJt (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 20 Jun 2018 16:09:49 -0400
Received: from localhost (mailhub1-int [192.168.12.234])
        by localhost (Postfix) with ESMTP id 419wsg4mb4z9ttmc;
        Wed, 20 Jun 2018 22:09:43 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at c-s.fr
Received: from pegase1.c-s.fr ([192.168.12.234])
        by localhost (pegase1.c-s.fr [192.168.12.234]) (amavisd-new, port 10024)
        with ESMTP id BcpDRlaC3d7f; Wed, 20 Jun 2018 22:09:43 +0200 (CEST)
Received: from messagerie.si.c-s.fr (messagerie.si.c-s.fr [192.168.25.192])
        by pegase1.c-s.fr (Postfix) with ESMTP id 419wsg4F1Xz9ttmD;
        Wed, 20 Jun 2018 22:09:43 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
        by messagerie.si.c-s.fr (Postfix) with ESMTP id E7F698B83D;
        Wed, 20 Jun 2018 22:09:47 +0200 (CEST)
X-Virus-Scanned: amavisd-new at c-s.fr
Received: from messagerie.si.c-s.fr ([127.0.0.1])
        by localhost (messagerie.si.c-s.fr [127.0.0.1]) (amavisd-new, port 10023)
        with ESMTP id 2Ku-V9oUsqKS; Wed, 20 Jun 2018 22:09:47 +0200 (CEST)
Received: from po14934vm.idsi0.si.c-s.fr (unknown [192.168.232.3])
        by messagerie.si.c-s.fr (Postfix) with ESMTP id 676C08B82D;
        Wed, 20 Jun 2018 22:09:47 +0200 (CEST)
Subject: Re: [PATCH 01/11] crypto: shash: Remove VLA usage
To:     Kees Cook <keescook@chromium.org>,
        Herbert Xu <herbert@gondor.apana.org.au>
Cc:     "Gustavo A. R. Silva" <gustavo@embeddedor.com>,
        Alasdair Kergon <agk@redhat.com>,
        Arnd Bergmann <arnd@arndb.de>,
        Eric Biggers <ebiggers@google.com>,
        Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
        Lars Persson <larper@axis.com>,
        Mike Snitzer <snitzer@redhat.com>,
        Rabin Vincent <rabinv@axis.com>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        "David S. Miller" <davem@davemloft.net>,
        linux-crypto@vger.kernel.org, qat-linux@intel.com,
        dm-devel@redhat.com, linux-kernel@vger.kernel.org
References: <20180620190408.45104-1-keescook@chromium.org>
 <20180620190408.45104-2-keescook@chromium.org>
From:   Christophe Leroy <christophe.leroy@c-s.fr>
Message-ID: <638faf05-946a-1345-dda4-f75fee5b07d9@c-s.fr>
Date:   Wed, 20 Jun 2018 19:30:50 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <20180620190408.45104-2-keescook@chromium.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 06/20/2018 07:03 PM, Kees Cook wrote:
> In the quest to remove all stack VLA usage from the kernel[1], this
> removes the VLAs in SHASH_DESC_ON_STACK (via crypto_shash_descsize())
> by using the maximum allowable size (which is now more clearly captured
> in a macro). Similar limits are turned into macros as well.
> 
> [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>

Got the following warnings:

crypto/testmgr.c: In function ‘alg_test_crc32c.part.4’:
crypto/testmgr.c:1896:1: warning: the frame size of 2088 bytes is larger 
than 1024 bytes [-Wframe-larger-than=]
crypto/hmac.c: In function ‘hmac_setkey’:
crypto/hmac.c:88:1: warning: the frame size of 2088 bytes is larger than 
1024 bytes [-Wframe-larger-than=]

Christophe

> ---
>   crypto/shash.c        | 6 +++---
>   include/crypto/hash.h | 6 +++++-
>   2 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/crypto/shash.c b/crypto/shash.c
> index 5d732c6bb4b2..ab6902c6dae7 100644
> --- a/crypto/shash.c
> +++ b/crypto/shash.c
> @@ -458,9 +458,9 @@ static int shash_prepare_alg(struct shash_alg *alg)
>   {
>   	struct crypto_alg *base = &alg->base;
>   
> -	if (alg->digestsize > PAGE_SIZE / 8 ||
> -	    alg->descsize > PAGE_SIZE / 8 ||
> -	    alg->statesize > PAGE_SIZE / 8)
> +	if (alg->digestsize > SHASH_MAX_DIGESTSIZE ||
> +	    alg->descsize > SHASH_MAX_DESCSIZE ||
> +	    alg->statesize > SHASH_MAX_STATESIZE)
>   		return -EINVAL;
>   
>   	base->cra_type = &crypto_shash_type;
> diff --git a/include/crypto/hash.h b/include/crypto/hash.h
> index 76e432cab75d..308aad8bf523 100644
> --- a/include/crypto/hash.h
> +++ b/include/crypto/hash.h
> @@ -151,9 +151,13 @@ struct shash_desc {
>   	void *__ctx[] CRYPTO_MINALIGN_ATTR;
>   };
>   
> +#define SHASH_MAX_DIGESTSIZE    (PAGE_SIZE / 8)
> +#define SHASH_MAX_DESCSIZE      (PAGE_SIZE / 8)
> +#define SHASH_MAX_STATESIZE     (PAGE_SIZE / 8)
> +
>   #define SHASH_DESC_ON_STACK(shash, ctx)				  \
>   	char __##shash##_desc[sizeof(struct shash_desc) +	  \
> -		crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \
> +		SHASH_MAX_DESCSIZE] CRYPTO_MINALIGN_ATTR; \
>   	struct shash_desc *shash = (struct shash_desc *)__##shash##_desc
>   
>   /**
>