Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754690Ab2HTFCA (ORCPT ); Mon, 20 Aug 2012 01:02:00 -0400 Received: from ozlabs.org ([203.10.76.45]:34526 "EHLO ozlabs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753313Ab2HTFBU (ORCPT ); Mon, 20 Aug 2012 01:01:20 -0400 From: Rusty Russell To: Dmitry Kasatkin , zohar@linux.vnet.ibm.com, jmorris@namei.org, dhowells@redhat.com, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [RFC v2 1/7] integrity: added digest calculation function In-Reply-To: References: User-Agent: Notmuch/0.12 (http://notmuchmail.org) Emacs/23.3.1 (i686-pc-linux-gnu) Date: Mon, 20 Aug 2012 12:29:33 +0930 Message-ID: <87628e5kve.fsf@rustcorp.com.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 773 Lines: 21 On Wed, 15 Aug 2012 21:43:06 +0300, Dmitry Kasatkin wrote: > + } else { > + struct { > + struct shash_desc shash; > + char ctx[crypto_shash_descsize(tfm)]; > + } desc; Linus had a rant a while ago about using variable-sized stack vars in the kernel (can't find a reference right now, sorry). The problem is that either you know there's a limit to crypto_shash_descsize(), in which case you can just use this here, or you don't know, in which case, this risks a stack oveflow. Cheers, Rusty. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/