Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp1036613imm; Thu, 6 Sep 2018 14:17:33 -0700 (PDT) X-Google-Smtp-Source: ANB0VdalPDNFcElQbFvbQW1K8bmwqkuLGwqxPZECuTyCtvKbw7RWnZEVlY2hpVB/nOsNLC4fBj9M X-Received: by 2002:a17:902:585:: with SMTP id f5-v6mr4742548plf.7.1536268653421; Thu, 06 Sep 2018 14:17:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536268653; cv=none; d=google.com; s=arc-20160816; b=Y4v3+Ljp54hP5JRkhh6V/ueMpJREp/sGF/4ho/K4eUxkYXmYMQTO39jiYU3nhj0VXT 6+I4L2xPMalqM1afs07tywXiDDK7YHwCfJ1HOyyWjSakaPxofyFKxu4J1quG6540YjJY dYhhWMMLa7A+1SAI7NMJEqAVhap6dMKR1vtaTP72qum9sMs3IvC6q0DRn4P7lPCCtG51 6RCpcrz5PRHXWPxm/45OcJM8nWoeAwIOfbarVlzg/wQX97JVKva7hl6KLzDsWzDToWSt 6D9wd9uWoFUv505mzu/Xs7ShofXcNcQ5JXuinKBcVhbfBI9U5QMg2Ho3OnPEVaXvjaXg VRsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature; bh=5K2AF4hd3u2iLAJIF5jwpMp9/BO/mt7wf28Abi9aVmw=; b=okJzj5s3Q2r9C2Q8QE8uhQorj3Hdhl9mBMzkZbQf8Bsn9cTSSUvjKIoylbV2ZJNeTt xUPoiPqTJCvEef+p/twqsjjvj6eyeNI2TpYQB4RjrcfHpecy93lAwCRw61CYF60bCMEk 7Agsh2R4OyJKRnnRvu1Q1tsrrnbTufjYN6bVwo1ng7aKckBE1YDnt8A2olRKrIzgtC1O 3xUieeysq+5Ti8mErWd2xF/NPykIedJd3Eg4v5yM7M6jHuolQ4DEvMmi74NoXqTZqbh3 DhsUgDRGrxSjLha5H1lCKKTw0cRMbqWJqOuMLzpy3J4kpa/4rrNcACIiXcz73mqmCAm6 VZQg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=WOV2O2vR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 34-v6si5965266pgo.399.2018.09.06.14.17.18; Thu, 06 Sep 2018 14:17:33 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=WOV2O2vR; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730626AbeIFXz2 (ORCPT + 99 others); Thu, 6 Sep 2018 19:55:28 -0400 Received: from mail-yb1-f194.google.com ([209.85.219.194]:36534 "EHLO mail-yb1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727261AbeIFXz1 (ORCPT ); Thu, 6 Sep 2018 19:55:27 -0400 Received: by mail-yb1-f194.google.com with SMTP id d34-v6so4568590yba.3 for ; Thu, 06 Sep 2018 12:18:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5K2AF4hd3u2iLAJIF5jwpMp9/BO/mt7wf28Abi9aVmw=; b=WOV2O2vR5A5fe/9qGbf0AwAUT834DRV7mMLQ+GE4XaKz9ivFC/DWQkHRAUHameYnSb yiaAJr8DjKTqTUJ7YUNarYwK84tYYPEQXzZSlMP9NB94vPb+KLkHeqjEQVYapYFsqJA1 1sIDgHQd4398gU8Zfi9R/HqYLP4ZWdkp/XuI8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5K2AF4hd3u2iLAJIF5jwpMp9/BO/mt7wf28Abi9aVmw=; b=VgwA6D6ukczA8l74cCG+yk6/MfwuWIO9K+iapODZ1Uvdl4kS1TQLsfCQLc113FEwH5 71dF3kkOu4J1oCH4GAMb+dHgu8vij7qSj/AN5+ZyJbcN5qW2n3jtTgL0AiFYxiBCcoQM dd4WQiPcwc2ck/HyZ3L3RhcDHaIR8KueBqpeRHrYb+n0ZqZw44usq2bZCGNo/0/Zfx7g jCki1gIYqZ1zUGQ2mwqCrkv9R93+G0gOQ8Q5fGGTPXxUSEkgZuRlbtILDHsO0eVm9CEq 0uN/PtDuudBscWfDX6vnskWCS7bN6b6etqHOv+0vxQgUckMA/lIuf70seKhUk5Bf8WAO POpg== X-Gm-Message-State: APzg51CCwQAzu/66d9fyh6zF5erBeJBRnbexYP+L0oROKuF5F5DfNqrc nmM3p/bZm0GEM4Qc2aKpMaWN2J8x7Ec= X-Received: by 2002:a25:8205:: with SMTP id q5-v6mr2345283ybk.363.1536261514047; Thu, 06 Sep 2018 12:18:34 -0700 (PDT) Received: from mail-yb1-f176.google.com (mail-yb1-f176.google.com. [209.85.219.176]) by smtp.gmail.com with ESMTPSA id v185-v6sm1962588ywc.94.2018.09.06.12.18.30 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 06 Sep 2018 12:18:32 -0700 (PDT) Received: by mail-yb1-f176.google.com with SMTP id h22-v6so4547447ybg.12 for ; Thu, 06 Sep 2018 12:18:30 -0700 (PDT) X-Received: by 2002:a25:19c3:: with SMTP id 186-v6mr2369882ybz.410.1536261510130; Thu, 06 Sep 2018 12:18:30 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:5f04:0:0:0:0:0 with HTTP; Thu, 6 Sep 2018 12:18:28 -0700 (PDT) In-Reply-To: References: <20180904181629.20712-1-keescook@chromium.org> <20180904181629.20712-3-keescook@chromium.org> <20180906085100.xcqqftgqg4sizkec@gondor.apana.org.au> <20180906131149.ge2db74nxffs2tbz@gondor.apana.org.au> From: Kees Cook Date: Thu, 6 Sep 2018 12:18:28 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 2/2] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK To: Ard Biesheuvel Cc: Herbert Xu , Gilad Ben-Yossef , Eric Biggers , Antoine Tenart , Boris Brezillon , Arnaud Ebalard , Corentin Labbe , Maxime Ripard , Chen-Yu Tsai , Christian Lamparter , Philippe Ombredanne , Jonathan Cameron , "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , Linux Kernel Mailing List , linux-arm-kernel Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 6, 2018 at 7:49 AM, Ard Biesheuvel wrote: > On 6 September 2018 at 15:11, Herbert Xu wrote: >> On Thu, Sep 06, 2018 at 11:29:41AM +0200, Ard Biesheuvel wrote: >>> >>> Perhaps not, but it is not enforced atm. >>> >>> In any case, limiting the reqsize is going to break things, so that >>> needs to occur based on the sync/async nature of the algo. That also >>> means we'll corrupt the stack if we ever end up using >>> SKCIPHER_REQUEST_ON_STACK() with an async algo whose reqsize is >>> greater than the sync reqsize limit, so I do think some additional >>> sanity check is appropriate. >> >> I'd prefer compile-time based checks. Perhaps we can introduce >> a wrapper around crypto_skcipher, say crypto_skcipher_sync which >> could then be used by SKCIPHER_REQUEST_ON_STACK to ensure that >> only sync algorithms can use this construct. >> > > That would require lots of changes in the callers, including ones that > already take care to use sync algos only. > > How about we do something like the below instead? Oh, I like this, thanks! -Kees -- Kees Cook Pixel Security