Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1211070imm; Wed, 20 Jun 2018 13:39:07 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKYlu4E9i/ftmcYneEMceUb+i/aS3+QPZxNnBNK/ni0bOJ4pdm8ooxogQkaIJreOCaiErho X-Received: by 2002:a65:5944:: with SMTP id g4-v6mr20331297pgu.317.1529527147427; Wed, 20 Jun 2018 13:39:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529527147; cv=none; d=google.com; s=arc-20160816; b=Ibj9zkbTuhiSx5J2pKeFUEjJWKaWE0ZgYj0cL57kphPVx7jqHr8cGmFO3WaWxo6F57 kKgpFUp/3AHFNY1d9zOle6lcpTLA4WMQv92VCJCreHuz1wl5IoO99zyGnZfztVKPJ3FC sEyUixt9WVrOrXXxLfcn8NHwuHmf9PDX6bSMRI5eIrMj8mAVgyb6meRuMf8+OqA6LaRJ i1nOiruJcgpWFH7LRDAhgYkY2g+cVG0fwwbdjtb2qhIDcRhHiPPZDfBN7UxUgwwUGOvQ txlNv5NMbIMA3NmGaJ1EGh8qBpLUxXVv09wncHJe+rnSRTGyz0K74ua8UhtC7swx6oSo //rg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:dkim-signature:arc-authentication-results; bh=GjbkdrkSlpS4x2MghtNByd9Ojj9LDwgDe7Am1Bo4DNg=; b=JcWovHqir5gWvlBoZ+kcZ2DUVFgxVSD51A0RVaMHhvjSWj1VbHxz72ZPkPFj9IcMxD ihGMskkpIeJjMu5Vvwypa9tL/yr5WqrnstMl9uVsjqsyOl/rqpoxrmTdfh13d1BXeE6r diFfWIbKKYa6S0pRL7QIeAkoQamoBV9Y+G5nFR7zk+0DJlE7z0pJ0wEf7KAFEMr3HFlz kzm49kshFbE9qRqgPfoUsb1gEv6xvsSwMtcm1YPYh0b8a0EcJKc8zIORx9XhMtwgmpkm C/IHsAg3IbUf91C7KrsSc2nGfPHuQRcMooldSkEMzO+z21FDeOpG6DYmIMrUoI5Rku7D w8Qw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=ZPZ4sFmY; dkim=fail header.i=@chromium.org header.s=google header.b=cxLpWmxH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d14-v6si3023789plr.244.2018.06.20.13.38.52; Wed, 20 Jun 2018 13:39:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=ZPZ4sFmY; dkim=fail header.i=@chromium.org header.s=google header.b=cxLpWmxH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933277AbeFTUgs (ORCPT + 99 others); Wed, 20 Jun 2018 16:36:48 -0400 Received: from mail-yb0-f194.google.com ([209.85.213.194]:33614 "EHLO mail-yb0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933097AbeFTUgq (ORCPT ); Wed, 20 Jun 2018 16:36:46 -0400 Received: by mail-yb0-f194.google.com with SMTP id e84-v6so357871ybb.0 for ; Wed, 20 Jun 2018 13:36:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=GjbkdrkSlpS4x2MghtNByd9Ojj9LDwgDe7Am1Bo4DNg=; b=ZPZ4sFmYdJWz/ke14L0wj2tN794pRng34Ev7XtqtL3Snq17PmI2Q8yowfnLaD0hDpC qy26wuxEFa8yzILVCs0mTk2nux3OWWDnJeb0xH26rmXLJVg5rVqhVDlJQZRS7SSv85wB JEM8AorrcoXohBul4j1J0WpjuWeRkTRaSzf0mvHKieY04/acq825crnVMFrZ1OK4t2PZ aMh3y+7Kg6DbRxdypH2IfBVgdMCAQag8X/VvAUp3Et6n5trH5fKfmnvlWUGT+IeJueTr xdAvVcNbiIszrk/EhDqJffbuXxcK4eR2UuK9MB+xD/g1jPEDtQn6yIQMNoVaQZ0eiCzR 7MAw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=GjbkdrkSlpS4x2MghtNByd9Ojj9LDwgDe7Am1Bo4DNg=; b=cxLpWmxHBIEAxj3u3xHMeTGK7kUNNJsdr3wZo3DDHQpZq20hOmCb09EgLfxyTjzXeD KrSRpiS3scZpNC9GYgcK4VG822p3vR27hae72hQgPoXKpr7F4ydW4DWRmO+7YZq11/wo n/ZdsKKQLfHHmkhyrbhUU7QyalLKm5rqgqsLg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-transfer-encoding; bh=GjbkdrkSlpS4x2MghtNByd9Ojj9LDwgDe7Am1Bo4DNg=; b=IiES+X4Uubr5e41NFURJqtz2DRlBP4RUSiTe8x6UNC/Yb0qlmsUjOcby9DIYV7tvBF vFeUrvjClhaCIvHIWVP0Wi4gmqmKU7dnkce/Tuufz7qvBlzFX58/gNK2riCSWiB+TEiK EuUNLHXcNoUv/e5tc2hRc5PRv+/TgzTmD6QzA6LQdgO+nmQnuBVf/C1VdW3ualRvPcGa NjiIoFdzjEu+ubiPa9adgljP8TSmfUWcLseNZXMU8sL0KZZcRtOraRBrurkITHF1yPko pu5Ty3TTObai6DVGqjZI1zIiM+jGLDkTrhu/7qQAJaGmxo6XdSaze0QGKkcrbDBBjEN9 15PQ== X-Gm-Message-State: APt69E052sCqej51Ym7kf9xayYoSiQxVRRUR4j3LiOp4VfJRLPXZytMg vpdV0n6/J4Gy3/1aRWusVYS6isLpWC7XDvKFa64n0A== X-Received: by 2002:a25:ab10:: with SMTP id u16-v6mr11868158ybi.112.1529527005757; Wed, 20 Jun 2018 13:36:45 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:d6c5:0:0:0:0:0 with HTTP; Wed, 20 Jun 2018 13:36:45 -0700 (PDT) In-Reply-To: <638faf05-946a-1345-dda4-f75fee5b07d9@c-s.fr> References: <20180620190408.45104-1-keescook@chromium.org> <20180620190408.45104-2-keescook@chromium.org> <638faf05-946a-1345-dda4-f75fee5b07d9@c-s.fr> From: Kees Cook Date: Wed, 20 Jun 2018 13:36:45 -0700 X-Google-Sender-Auth: FlIyMv7-DIDfrGCCFjcdBJP1EG0 Message-ID: Subject: Re: [PATCH 01/11] crypto: shash: Remove VLA usage To: Christophe Leroy Cc: Herbert Xu , "Gustavo A. R. Silva" , Alasdair Kergon , Arnd Bergmann , Eric Biggers , Giovanni Cabiddu , Lars Persson , Mike Snitzer , Rabin Vincent , Tim Chen , "David S. Miller" , linux-crypto , qat-linux@intel.com, dm-devel@redhat.com, LKML Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 20, 2018 at 12:30 PM, Christophe Leroy wrote: > > > On 06/20/2018 07:03 PM, Kees Cook wrote: >> >> In the quest to remove all stack VLA usage from the kernel[1], this >> removes the VLAs in SHASH_DESC_ON_STACK (via crypto_shash_descsize()) >> by using the maximum allowable size (which is now more clearly captured >> in a macro). Similar limits are turned into macros as well. >> >> [1] >> https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=3DqPXydAac= U1RqZWA@mail.gmail.com >> >> Signed-off-by: Kees Cook > > > Got the following warnings: > > crypto/testmgr.c: In function =E2=80=98alg_test_crc32c.part.4=E2=80=99: > crypto/testmgr.c:1896:1: warning: the frame size of 2088 bytes is larger > than 1024 bytes [-Wframe-larger-than=3D] > crypto/hmac.c: In function =E2=80=98hmac_setkey=E2=80=99: > crypto/hmac.c:88:1: warning: the frame size of 2088 bytes is larger than > 1024 bytes [-Wframe-larger-than=3D] Ah yes. I didn't do 32-bit builds. So, here's the issue: this uncovers the frame size problems that were hidden by in being a VLA before. It was always possible for the frame to get this big, it's just that the compiler couldn't see it. For qat, I raised the -Wframe-larger-than flag. It seems we'll need to do this in some other places too. -Kees --=20 Kees Cook Pixel Security