Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1390507imm; Fri, 29 Jun 2018 17:47:20 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKyUKWqsxpScjUJELbXxD/QmCYDs3WRUbxZ/S2AEFTjzU73ZB8LgHMMMHO2aZ+9hqxDhD5f X-Received: by 2002:a17:902:ab8e:: with SMTP id f14-v6mr17247870plr.5.1530319640165; Fri, 29 Jun 2018 17:47:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1530319640; cv=none; d=google.com; s=arc-20160816; b=cpGSXYYgc1xmKgjU2i1jnbRWmaSvvWbZ+jbzQLpWyRx2riWZm66MHdohmJ4oMjV9G0 GW8x+gi5ATKZOT7+HwEFjbe+7p8FOrL8gs6Szspr51hSNBucWOFIqiKXlxjzNkIy6RhA 8t6ip9J6/u9xXm182UkBJ7x8vwKnTDFISdX5njXR1zspgvvF6cimuaa1quaTk7dvL2hd 2YXYJmXP3+qZwOfSI8bXibYk9Xkq7rgHuTMwMa9KMBAqC6627ACcpGnHPPsMvVx7jE4N d38yCCblWkKA/b+Rwcq2QxH4TVYkvUOOZRU9CSIog6KjXMaHatH5xJpmhQ+nBxS0QvQR 8xCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=TpYkn8m2etMpCR0QwsktlSjBduqwjTKCppyk+pSh3EM=; b=qTeSXWoElcHcrM47yqVff6lpHRhrtgZJsFnybNLIpQS18fI13JmCccnh46z014CFFa XQ7236GLXNfvPiHv2F1kSD2xAmnY/+390iNBGzIfxxB6SoT48c27f2WZXRY8SlGPtTO+ CstSYLFI7d0FhKzJESrmFutiYGL+x6+BcUtLmbnuzw2FlBwPb5O9rSNamFsxiCHvsa4X +o2a+R5eZJK/LN56r3OpxlFFHqUJhJ+WmTU7kUtf65qOljRJhard40KRnlVLvb9XbErR UIAobqI5IY7NsLxN4HutEyEuOiDCumM3PG+bXXwy3Z8MbzjeV/lL5ElzfhED48FPAhmC LOpA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=hEvj1x9y; dkim=fail header.i=@chromium.org header.s=google header.b=Xr9EZ+vS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f3-v6si8983808pgp.496.2018.06.29.17.47.05; Fri, 29 Jun 2018 17:47:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=hEvj1x9y; dkim=fail header.i=@chromium.org header.s=google header.b=Xr9EZ+vS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S936688AbeF2V4l (ORCPT + 99 others); Fri, 29 Jun 2018 17:56:41 -0400 Received: from mail-yw0-f194.google.com ([209.85.161.194]:41549 "EHLO mail-yw0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934086AbeF2V4j (ORCPT ); Fri, 29 Jun 2018 17:56:39 -0400 Received: by mail-yw0-f194.google.com with SMTP id j5-v6so4222403ywe.8 for ; Fri, 29 Jun 2018 14:56:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=TpYkn8m2etMpCR0QwsktlSjBduqwjTKCppyk+pSh3EM=; b=hEvj1x9yhPX7qzU6S3jlSeIyiB0o8HPEo9s+Et/bCjAS8n3TRLxQFc65ZnjlElmmSS 406r3g3//fIb0rbAnNjG1OSnihnCBMAS2nJwpkyKDZyK9HsiCLNsgW/XUHUAUSPlU/9T 0IkXacrjET7Vy5oIC8wPkVzOMJlSgFqIC1YpqVrSY4LyMYXieAq2L0V5LWofJrS3Cy/x nTtQ/tkTm5WEaTYPe86FSoGjNANoh9SLpo0d34lBBcCloOuHiE6aZSAP0sht2M+TQnT/ pyBeg1s4te+ALpnxlGFDYyQtXqdlA8RYvNa/HA0S4WONUd68GjeM4dU80ND1NgMLAbcy q38g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=TpYkn8m2etMpCR0QwsktlSjBduqwjTKCppyk+pSh3EM=; b=Xr9EZ+vSEKK+86Z6zWDJbvX6d0UMPVM9uC47BFYAb3Y5E+qkGTE4AypAplw8ApcYva i7Mt3KFjlqQ6TNf4mqnf52gKRLEf24SMyyoYgF7VHNcLKA/Dw5YiBJLxA2G6bQm6W4hj SbVXHL3Yqzx7mSjxB/7zTai9yL56NRY4KadvA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=TpYkn8m2etMpCR0QwsktlSjBduqwjTKCppyk+pSh3EM=; b=hMZ2cczmQCXzSJvyculp0JBD0jLaeUFkwwuJHiFaB13ukT5MmEvpbdUT4oOcBZaWYr eUeOgDKpVQdnVIqEts7/1xKNmfNcUWWJOmPkNAX3PipTPptjjkyIMiPbwJWai69JdYUC xtRi/jW8Iat85yiCM377lKT7Bnem3rnbZKryiVLdPrJWQyWBSi8MUaAOS9cKKmImLGe/ NsCOx1LOg3IWbXnNMx4ZvYwUH8m15b3luqCG7vOS7FPKs3J89xj5xbTk4shtReiYudC2 T7kHolrvQRxy6h+1yXB93IfRqXQbMuHCl/MXPUmTRQkdpAliSMoWQAOaYMZ+rzKe23L7 nsNg== X-Gm-Message-State: APt69E3hsm0BVKZc+C0m97TLISqdiS9EA2XZ/CeMxyKhZlWvZS2olDad Pp3bSgjED1UNrNjWzm/sO4xeyO95oza/fMeBDOubyw== X-Received: by 2002:a81:8743:: with SMTP id x64-v6mr8167150ywf.129.1530309398418; Fri, 29 Jun 2018 14:56:38 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:5f51:0:0:0:0:0 with HTTP; Fri, 29 Jun 2018 14:56:37 -0700 (PDT) In-Reply-To: References: <20180629002843.31095-1-keescook@chromium.org> <20180629002843.31095-5-keescook@chromium.org> From: Kees Cook Date: Fri, 29 Jun 2018 14:56:37 -0700 X-Google-Sender-Auth: LQDn_4UNuYW42o07xnrrqL7il9g Message-ID: Subject: Re: [PATCH v3 4/9] dm integrity: Remove VLA usage To: Arnd Bergmann Cc: Herbert Xu , "Gustavo A. R. Silva" , Eric Biggers , Alasdair Kergon , Giovanni Cabiddu , Lars Persson , Mike Snitzer , Rabin Vincent , Tim Chen , "David S. Miller" , "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , qat-linux@intel.com, dm-devel@redhat.com, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jun 29, 2018 at 1:43 PM, Arnd Bergmann wrote: > On Fri, Jun 29, 2018 at 2:28 AM, Kees Cook wrote: > >> diff --git a/drivers/md/dm-integrity.c b/drivers/md/dm-integrity.c >> index 86438b2f10dd..85e8ce1625a2 100644 >> --- a/drivers/md/dm-integrity.c >> +++ b/drivers/md/dm-integrity.c >> @@ -521,7 +521,12 @@ static void section_mac(struct dm_integrity_c *ic, unsigned section, __u8 result >> } >> memset(result + size, 0, JOURNAL_MAC_SIZE - size); >> } else { >> - __u8 digest[size]; >> + __u8 digest[SHASH_MAX_DIGESTSIZE]; >> + >> + if (WARN_ON(size > sizeof(digest))) { >> + dm_integrity_io_error(ic, "digest_size", -EINVAL); >> + goto err; >> + } > > I'm still slightly worried that some patches like this one could make > things worse and lead to an actual stack overflow. As in stack exhaustion? Yeah, this has been a concern of mine for the crypto stuff because some combinations get BIG. My thinking has been mainly that it means ALL cases will lead to a bad state instead of only corner cases, which makes it easier to find and fix. > You define SHASH_MAX_DIGESTSIZE > as '512', which is still quite a lot to put on the kernel stack. The > function also > uses SHASH_DESC_ON_STACK(), so now you have two copies. Then you > could call shash_final_unaligned(), which seems to put a third copy on > the stack, > so replacing each one with a fixed-size buffer adds quite a bit of bloat. > > Is there actually a digest that can be used in dm-integrity with more than 64 > byte output (matching JOURNAL_MAC_SIZE) here? This conversion was following the existing check (PAGE_SIZE / 8), and not via an analysis of alg.digestsize users. Let me double-check. For predefined stuff, it looks like the largest is: SKEIN1024_DIGEST_BIT_SIZE/8 == 128 I can drop this from 512 down to 128... -Kees -- Kees Cook Pixel Security