Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp81784imm; Tue, 7 Aug 2018 14:21:11 -0700 (PDT) X-Google-Smtp-Source: AA+uWPxoebh0abRslTweGtK+NI/rW0J3k7LzN3KAM8n+zrHXWvzQfQfECcmTI7p0uMKV4UbJqFUk X-Received: by 2002:a17:902:290a:: with SMTP id g10-v6mr86664plb.110.1533676871844; Tue, 07 Aug 2018 14:21:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533676871; cv=none; d=google.com; s=arc-20160816; b=v3hgkZrfr3bdOkxeeXFRY+4zFil/f73myOmhr1GHK49W8NcI7XZhMOif4q3aOoTygo LbSzVCbMN35xdAPkKjQjQQzhwQ/FvOOwdryUtoI+4finOygG5YMnO/+6aTDqCStKWls8 lTeMUQEg7PJ/KRbu4QviuTU6OpSlGR3XrwH0XNjo7vMLEhFJ9IghFL4oaITHFlcT8R3N If95TJDFiQV4QEMuaDzsT1iBcIC+TpyBs/+8GcMgHEG/68b6LWzSm2paxYHezTj6OPzz W+ysigK5kzzbeYNNyEIx8ZdB5yVX3uYFn9rGBNEtsNnqrG2rxhUMSsERsoo7cAcMN5KY 0Fhg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=WKSfBoqqmwqW/7rTlYhIb2ASSav+oo5lfeHmCUUrk2I=; b=SHuh5RMaJPFJmB8Nz/BGmhfDk/isaFE00Oh96LQsUmgHee29cUJzkB0shXCt9pFvYd O+8ZT5bG86XmmnlWyKAgDRzGEsWgRfqDoHKvBBweFOW3ES0qxhPXLHXR6YMQdcelQYy0 26+Sz9DaazH73ZUCTNE7PR6ATm3rFkKripvzH84amaQzvsxy9YZt18W5MFdC8Ex3ZoWw 6eDRyTllO2tuEVSsC556qUGHbCc25ofC184vFs/h3dWx0cckqEPVdFO7fufzTemioQjh uUs81YfsfmwzKogaNfiqF+TPR1AO8bUAoLRoBMRE9OJUB5AZch72LxlCxhw0tmthzUw0 9ofw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=fRu17USj; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 200-v6si2362389pgf.378.2018.08.07.14.20.57; Tue, 07 Aug 2018 14:21:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=fRu17USj; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727102AbeHGXfK (ORCPT + 99 others); Tue, 7 Aug 2018 19:35:10 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:37417 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727048AbeHGXfJ (ORCPT ); Tue, 7 Aug 2018 19:35:09 -0400 Received: by mail-pg1-f193.google.com with SMTP id n7-v6so40058pgq.4 for ; Tue, 07 Aug 2018 14:18:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=WKSfBoqqmwqW/7rTlYhIb2ASSav+oo5lfeHmCUUrk2I=; b=fRu17USj+VPtv3LEav9XxzknEFCskBJejbyi2YND9LHOBQC1cXwpSyhPgP+p3zOZgW WtBRKFmxTa4aGNJ9jKD7ItSWb6JKRGET9Pj++1oyH52TfO4HmQDANXNaN/gwXx8xahGX PWyhfcS99/Lh9FNkIh3SwqPAw+kR0t4yWDhEE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=WKSfBoqqmwqW/7rTlYhIb2ASSav+oo5lfeHmCUUrk2I=; b=ntFUYA1/CFzmd4ZkmSbkYvrnxc490g/d9rhyK0fw+nHerTULHrQjdOrWFFszMFTBAt 3G3FyXCL06zKxmXirJRBnmf9c4aW0Z/q3ejOl7tSd4TFrLVrxnXtZKZfF/z4JnI9NBkh doQsj4uoGMxPCOZXt4wXfDSd/j16BLgmh5XTPIc3bBe5Q1oknqlybxrabpViiaMQM2Ze QxB4OFU9NAXdJ7hKFZqdAZSClwdxoWfD1oC6VLFAvQSuC2CHcjmamojkfrUZwtbxMygo epjo5K1HZImLMznD/QGEOap8Por2/HVejxTZZ02iPOTgc1WCm4mybfcujORcYVIewsH7 zVug== X-Gm-Message-State: AOUpUlGK324b5JalYRwyiv7sbGUKS8Bitd9CMcN3ggQa9Gpmqpmtq+dC V0gdw+kt9ZWVfLx5/IuTojf6kQ== X-Received: by 2002:a63:3444:: with SMTP id b65-v6mr74051pga.396.1533676730942; Tue, 07 Aug 2018 14:18:50 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id s66-v6sm2342549pgc.67.2018.08.07.14.18.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:46 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 2/9] crypto: cbc: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:36 -0700 Message-Id: <20180807211843.47586-3-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the quest to remove all stack VLA usage from the kernel[1], this uses the upper bounds on blocksize. Since this is always a cipher blocksize, use the existing cipher max blocksize. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- include/crypto/cbc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h index f5b8bfc22e6d..3bf28beefa33 100644 --- a/include/crypto/cbc.h +++ b/include/crypto/cbc.h @@ -113,7 +113,7 @@ static inline int crypto_cbc_decrypt_inplace( unsigned int bsize = crypto_skcipher_blocksize(tfm); unsigned int nbytes = walk->nbytes; u8 *src = walk->src.virt.addr; - u8 last_iv[bsize]; + u8 last_iv[MAX_CIPHER_BLOCKSIZE]; /* Start of the last block. */ src += nbytes - (nbytes & (bsize - 1)) - bsize; -- 2.17.1