Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp175326imm; Tue, 18 Sep 2018 19:20:20 -0700 (PDT) X-Google-Smtp-Source: ANB0Vda5w7qjOfAFbDWcPkI7tea2IS1NcChpAViY4da35KEbAQ4RsCWsRjffu0HFJpaCLpS+Jc5O X-Received: by 2002:a63:6a89:: with SMTP id f131-v6mr30841026pgc.165.1537323620445; Tue, 18 Sep 2018 19:20:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537323620; cv=none; d=google.com; s=arc-20160816; b=LUDlqhqqOesQaTdTkIcbeWtDTrLRgASWHfb2kvePIN7cZ/q97B9nRDb+/ULvOrRfsG 12mN6oSWATZjwJ2HqVlWyJ4U1HvPemthAON6WkEmbZVzoxIETOSXxcwA5BiRcp53Ssau HNXbsG21doFof52B2HWrypzqmsEu9yqbiYUGPlhBACpV0uX+kwKU/N504W8DBFoV8kE9 C0LztOXup8IKnUbEmhv/hxx5mwf22XNQeeU6kTjMrNTvVtRCBNPYbHxDfdRs2nPH/l5b yvY4Uc27ppFAJFP5YSYJqn7ANdLB1DXYVVq3JECio4q+qv/a+AOsNp+r9mIbokQl+/fW oipQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=bwpHaNlRdidXYTSo5B9BGO/P76H7RxTgLjp5X7q/NJw=; b=ZwA/I15xg6X7RCUdHIZwX9SYuQWOhvbmM4T5YlJMciVsZzzu+Id21J0fNB8MdYd/Km Myc/GfKwfoIJua2Rf06pArmmabANLvJSHXW0DtOZiMlVDBety4kkojAO5nDvZ2IcvzuC mxJ5PRBELbcwmzewP+Co9GEbRbPZ4t84+cCVffd0IidGnk6asJ4LOPbIMNMjQgnF0xzq OyZ9H2C+KNmBLfgdl8bAX53Og0CHXBYlx0/Kp3kRgVRb6qdPocfcKuH8AavT6MbqQXhr 61mXUyVUkYYSs9w8ek96i9//hU+cHNNirqOJpFGbugsnGDsyxq5zg37TerzwL3NGzdGz Ipqg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=eVFOScn1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j14-v6si20561532pgb.496.2018.09.18.19.20.05; Tue, 18 Sep 2018 19:20:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=eVFOScn1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730858AbeISHyw (ORCPT + 99 others); Wed, 19 Sep 2018 03:54:52 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:32973 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728267AbeISHyu (ORCPT ); Wed, 19 Sep 2018 03:54:50 -0400 Received: by mail-pg1-f193.google.com with SMTP id s7-v6so1960472pgc.0 for ; Tue, 18 Sep 2018 19:19:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=bwpHaNlRdidXYTSo5B9BGO/P76H7RxTgLjp5X7q/NJw=; b=eVFOScn1P73qT/paJvfd9cUG9+vTYBA285PcZQ1jbgTyZVZA8p1UxdXs0uXk8st4yM Vn7MMWK5OzrVfrHfv/hU4eJ0rKisZKM5pfu2ZUs0RPkP6egvz3kfQUmU1j3PqAAW2M7Z orWRqQyOSItFpWSIUW9F/RcfzPx6WU2QvYmJk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=bwpHaNlRdidXYTSo5B9BGO/P76H7RxTgLjp5X7q/NJw=; b=lD1bR6lsl9jU/HNw2C/WU6s7fFppRYuMm8VSXxYtiaGuI4oUmy4Z6iwNr1+E6bb1CH hOPTWJcRFzk5xHz/Iz/wiezOuAGBjmLq8YhJFHHxy3jUGVC/KzZ4Y8DXWVRJskHNrpDs 5uxCmiMjW5tpIAmJWEnQPwLf/ORePw6AWAVKNLMNgDu3YOKYM6tDOIz1UQ59T9ODJL8E XLhQbSZExtT+rB8ByYfCkOGtT1CYttjLCN14qr+sWruWUDgigQjkRvU3DSDbaEFLIhQR h/ZCLa0Ho57qOQNz5XckeKIYEZK9EBH6cdXptRGBuBBckGsf7Xb7CkFrrYM0fs0hhHrk 5hSA== X-Gm-Message-State: APzg51Bvz24XfehtntD4t/eMmZC2C/RCx4hXN7ctTtBUfxf0Dlhfer5o kln+rEVtFwIHZcNSBBEAqLQdvQ== X-Received: by 2002:a63:5204:: with SMTP id g4-v6mr29970572pgb.274.1537323560594; Tue, 18 Sep 2018 19:19:20 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id f75-v6sm35679362pfk.85.2018.09.18.19.19.18 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 18 Sep 2018 19:19:18 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Himanshu Jha , Ard Biesheuvel , Eric Biggers , linux-crypto , Linux Kernel Mailing List Subject: [PATCH crypto-next 17/23] crypto: qce - Remove VLA usage of skcipher Date: Tue, 18 Sep 2018 19:10:54 -0700 Message-Id: <20180919021100.3380-18-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180919021100.3380-1-keescook@chromium.org> References: <20180919021100.3380-1-keescook@chromium.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the quest to remove all stack VLA usage from the kernel[1], this replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(), which uses a fixed stack size. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Cc: Himanshu Jha Signed-off-by: Kees Cook --- drivers/crypto/qce/ablkcipher.c | 13 ++++++------- drivers/crypto/qce/cipher.h | 2 +- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/qce/ablkcipher.c b/drivers/crypto/qce/ablkcipher.c index ea4d96bf47e8..585e1cab9ae3 100644 --- a/drivers/crypto/qce/ablkcipher.c +++ b/drivers/crypto/qce/ablkcipher.c @@ -189,7 +189,7 @@ static int qce_ablkcipher_setkey(struct crypto_ablkcipher *ablk, const u8 *key, memcpy(ctx->enc_key, key, keylen); return 0; fallback: - ret = crypto_skcipher_setkey(ctx->fallback, key, keylen); + ret = crypto_sync_skcipher_setkey(ctx->fallback, key, keylen); if (!ret) ctx->enc_keylen = keylen; return ret; @@ -212,9 +212,9 @@ static int qce_ablkcipher_crypt(struct ablkcipher_request *req, int encrypt) if (IS_AES(rctx->flags) && ctx->enc_keylen != AES_KEYSIZE_128 && ctx->enc_keylen != AES_KEYSIZE_256) { - SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); + SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); - skcipher_request_set_tfm(subreq, ctx->fallback); + skcipher_request_set_sync_tfm(subreq, ctx->fallback); skcipher_request_set_callback(subreq, req->base.flags, NULL, NULL); skcipher_request_set_crypt(subreq, req->src, req->dst, @@ -245,9 +245,8 @@ static int qce_ablkcipher_init(struct crypto_tfm *tfm) memset(ctx, 0, sizeof(*ctx)); tfm->crt_ablkcipher.reqsize = sizeof(struct qce_cipher_reqctx); - ctx->fallback = crypto_alloc_skcipher(crypto_tfm_alg_name(tfm), 0, - CRYPTO_ALG_ASYNC | - CRYPTO_ALG_NEED_FALLBACK); + ctx->fallback = crypto_alloc_sync_skcipher(crypto_tfm_alg_name(tfm), + 0, CRYPTO_ALG_NEED_FALLBACK); return PTR_ERR_OR_ZERO(ctx->fallback); } @@ -255,7 +254,7 @@ static void qce_ablkcipher_exit(struct crypto_tfm *tfm) { struct qce_cipher_ctx *ctx = crypto_tfm_ctx(tfm); - crypto_free_skcipher(ctx->fallback); + crypto_free_sync_skcipher(ctx->fallback); } struct qce_ablkcipher_def { diff --git a/drivers/crypto/qce/cipher.h b/drivers/crypto/qce/cipher.h index 2b0278bb6e92..ee055bfe98a0 100644 --- a/drivers/crypto/qce/cipher.h +++ b/drivers/crypto/qce/cipher.h @@ -22,7 +22,7 @@ struct qce_cipher_ctx { u8 enc_key[QCE_MAX_KEY_SIZE]; unsigned int enc_keylen; - struct crypto_skcipher *fallback; + struct crypto_sync_skcipher *fallback; }; /** -- 2.17.1