From: Behan Webster <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. These patches allocate the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
There are places in the kernel whose maintainers have previously taken our
patches to remove VLAIS from their crypto code. Once this patch set is accepted
into mainline, I'll go back and resubmit patches to these maintainers to use
this new macro so the same approach is used consistently in all places in the
kernel.
The LLVMLinux project aims to fully build the Linux kernel using both gcc and
clang (the C front end for the LLVM compiler infrastructure project).
Behan Webster (6):
crypto: LLVMLinux: Add macro to remove use of VLAIS in crypto code
crypto: LLVMLinux: Remove VLAIS from crypto/mv_cesa.c
crypto: LLVMLinux: Remove VLAIS from crypto/n2_core.c
crypto: LLVMLinux: Remove VLAIS from crypto/omap_sham.c
crypto: LLVMLinux: Remove VLAIS from crypto/.../qat_algs.c
security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
Jan-Simon Möller (5):
crypto: LLVMLinux: Remove VLAIS from crypto/ccp/ccp-crypto-sha.c
crypto, dm: LLVMLinux: Remove VLAIS usage from dm-crypt
crypto: LLVMLinux: Remove VLAIS usage from crypto/hmac.c
crypto: LLVMLinux: Remove VLAIS usage from libcrc32c.c
crypto: LLVMLinux: Remove VLAIS usage from crypto/testmgr.c
Vinícius Tinti (1):
btrfs: LLVMLinux: Remove VLAIS
crypto/hmac.c | 25 ++++++++---------
crypto/testmgr.c | 14 ++++------
drivers/crypto/ccp/ccp-crypto-sha.c | 13 ++++-----
drivers/crypto/mv_cesa.c | 41 ++++++++++++----------------
drivers/crypto/n2_core.c | 11 +++-----
drivers/crypto/omap-sham.c | 28 ++++++++-----------
drivers/crypto/qat/qat_common/qat_algs.c | 31 ++++++++++-----------
drivers/md/dm-crypt.c | 34 ++++++++++-------------
fs/btrfs/hash.c | 16 +++++------
include/crypto/hash.h | 5 ++++
lib/libcrc32c.c | 16 +++++------
security/integrity/ima/ima_crypto.c | 47 +++++++++++++-------------------
12 files changed, 122 insertions(+), 159 deletions(-)
--
1.9.1
From: Vinícius Tinti <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch instead allocates the appropriate amount of
memory using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Vinícius Tinti <[email protected]>
Reviewed-by: Jan-Simon Möller <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Signed-off-by: Behan Webster <[email protected]>
Acked-by: Chris Mason <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: "David S. Miller" <[email protected]>
---
fs/btrfs/hash.c | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/fs/btrfs/hash.c b/fs/btrfs/hash.c
index 85889aa..4bf4d3a 100644
--- a/fs/btrfs/hash.c
+++ b/fs/btrfs/hash.c
@@ -33,18 +33,16 @@ void btrfs_hash_exit(void)
u32 btrfs_crc32c(u32 crc, const void *address, unsigned int length)
{
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm);
+ u32 *ctx = (u32 *)shash_desc_ctx(shash);
int err;
- desc.shash.tfm = tfm;
- desc.shash.flags = 0;
- *(u32 *)desc.ctx = crc;
+ shash->tfm = tfm;
+ shash->flags = 0;
+ *ctx = crc;
- err = crypto_shash_update(&desc.shash, address, length);
+ err = crypto_shash_update(shash, address, length);
BUG_ON(err);
- return *(u32 *)desc.ctx;
+ return *ctx;
}
--
1.9.1
From: Behan Webster <[email protected]>
Add a macro which replaces the use of a Variable Length Array In Struct (VLAIS)
with a C99 compliant equivalent. This macro instead allocates the appropriate
amount of memory using an char array.
The new code can be compiled with both gcc and clang.
struct shash_desc contains a flexible array member member ctx declared with
CRYPTO_MINALIGN_ATTR, so sizeof(struct shash_desc) aligns the beginning
of the array declared after struct shash_desc with long long.
No trailing padding is required because it is not a struct type that can
be used in an array.
The CRYPTO_MINALIGN_ATTR is required so that desc is aligned with long long
as would be the case for a struct containing a member with
CRYPTO_MINALIGN_ATTR.
If you want to get to the ctx at the end of the shash_desc as before you can do
so using shash_desc_ctx(shash)
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: Michał Mirosław <[email protected]>
---
include/crypto/hash.h | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index a391955..74b13ec 100644
--- a/include/crypto/hash.h
+++ b/include/crypto/hash.h
@@ -58,6 +58,11 @@ struct shash_desc {
void *__ctx[] CRYPTO_MINALIGN_ATTR;
};
+#define SHASH_DESC_ON_STACK(shash, ctx) \
+ char __##shash##_desc[sizeof(struct shash_desc) + \
+ crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \
+ struct shash_desc *shash = (struct shash_desc *)__##shash##_desc
+
struct shash_alg {
int (*init)(struct shash_desc *desc);
int (*update)(struct shash_desc *desc, const u8 *data,
--
1.9.1
From: Behan Webster <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Reviewed-by: Jan-Simon Möller <[email protected]>
Acked-by: Herbert Xu <[email protected]>
---
drivers/crypto/mv_cesa.c | 41 ++++++++++++++++++-----------------------
1 file changed, 18 insertions(+), 23 deletions(-)
diff --git a/drivers/crypto/mv_cesa.c b/drivers/crypto/mv_cesa.c
index 29d0ee5..032c72c 100644
--- a/drivers/crypto/mv_cesa.c
+++ b/drivers/crypto/mv_cesa.c
@@ -402,26 +402,23 @@ static int mv_hash_final_fallback(struct ahash_request *req)
{
const struct mv_tfm_hash_ctx *tfm_ctx = crypto_tfm_ctx(req->base.tfm);
struct mv_req_hash_ctx *req_ctx = ahash_request_ctx(req);
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm_ctx->fallback)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm_ctx->fallback);
int rc;
- desc.shash.tfm = tfm_ctx->fallback;
- desc.shash.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+ shash->tfm = tfm_ctx->fallback;
+ shash->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
if (unlikely(req_ctx->first_hash)) {
- crypto_shash_init(&desc.shash);
- crypto_shash_update(&desc.shash, req_ctx->buffer,
+ crypto_shash_init(shash);
+ crypto_shash_update(shash, req_ctx->buffer,
req_ctx->extra_bytes);
} else {
/* only SHA1 for now....
*/
- rc = mv_hash_import_sha1_ctx(req_ctx, &desc.shash);
+ rc = mv_hash_import_sha1_ctx(req_ctx, shash);
if (rc)
goto out;
}
- rc = crypto_shash_final(&desc.shash, req->result);
+ rc = crypto_shash_final(shash, req->result);
out:
return rc;
}
@@ -794,23 +791,21 @@ static int mv_hash_setkey(struct crypto_ahash *tfm, const u8 * key,
ss = crypto_shash_statesize(ctx->base_hash);
{
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(ctx->base_hash)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, ctx->base_hash);
+
unsigned int i;
char ipad[ss];
char opad[ss];
- desc.shash.tfm = ctx->base_hash;
- desc.shash.flags = crypto_shash_get_flags(ctx->base_hash) &
+ shash->tfm = ctx->base_hash;
+ shash->flags = crypto_shash_get_flags(ctx->base_hash) &
CRYPTO_TFM_REQ_MAY_SLEEP;
if (keylen > bs) {
int err;
err =
- crypto_shash_digest(&desc.shash, key, keylen, ipad);
+ crypto_shash_digest(shash, key, keylen, ipad);
if (err)
return err;
@@ -826,12 +821,12 @@ static int mv_hash_setkey(struct crypto_ahash *tfm, const u8 * key,
opad[i] ^= 0x5c;
}
- rc = crypto_shash_init(&desc.shash) ? :
- crypto_shash_update(&desc.shash, ipad, bs) ? :
- crypto_shash_export(&desc.shash, ipad) ? :
- crypto_shash_init(&desc.shash) ? :
- crypto_shash_update(&desc.shash, opad, bs) ? :
- crypto_shash_export(&desc.shash, opad);
+ rc = crypto_shash_init(shash) ? :
+ crypto_shash_update(shash, ipad, bs) ? :
+ crypto_shash_export(shash, ipad) ? :
+ crypto_shash_init(shash) ? :
+ crypto_shash_update(shash, opad, bs) ? :
+ crypto_shash_export(shash, opad);
if (rc == 0)
mv_hash_init_ivs(ctx, ipad, opad);
--
1.9.1
From: Jan-Simon Möller <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Jan-Simon Möller <[email protected]>
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: [email protected]
Cc: "David S. Miller" <[email protected]>
---
lib/libcrc32c.c | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/lib/libcrc32c.c b/lib/libcrc32c.c
index b3131f5..6a08ce7 100644
--- a/lib/libcrc32c.c
+++ b/lib/libcrc32c.c
@@ -41,20 +41,18 @@ static struct crypto_shash *tfm;
u32 crc32c(u32 crc, const void *address, unsigned int length)
{
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm);
+ u32 *ctx = (u32 *)shash_desc_ctx(shash);
int err;
- desc.shash.tfm = tfm;
- desc.shash.flags = 0;
- *(u32 *)desc.ctx = crc;
+ shash->tfm = tfm;
+ shash->flags = 0;
+ *ctx = crc;
- err = crypto_shash_update(&desc.shash, address, length);
+ err = crypto_shash_update(shash, address, length);
BUG_ON(err);
- return *(u32 *)desc.ctx;
+ return *ctx;
}
EXPORT_SYMBOL(crc32c);
--
1.9.1
From: Jan-Simon Möller <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Jan-Simon Möller <[email protected]>
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: [email protected]
---
crypto/testmgr.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index ac2b631..b959c0c 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1714,16 +1714,14 @@ static int alg_test_crc32c(const struct alg_test_desc *desc,
}
do {
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm)];
- } sdesc;
+ SHASH_DESC_ON_STACK(shash, tfm);
+ u32 *ctx = (u32 *)shash_desc_ctx(shash);
- sdesc.shash.tfm = tfm;
- sdesc.shash.flags = 0;
+ shash->tfm = tfm;
+ shash->flags = 0;
- *(u32 *)sdesc.ctx = le32_to_cpu(420553207);
- err = crypto_shash_final(&sdesc.shash, (u8 *)&val);
+ *ctx = le32_to_cpu(420553207);
+ err = crypto_shash_final(shash, (u8 *)&val);
if (err) {
printk(KERN_ERR "alg: crc32c: Operation failed for "
"%s: %d\n", driver, err);
--
1.9.1
From: Behan Webster <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Reviewed-by: Jan-Simon Möller <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: [email protected]
---
security/integrity/ima/ima_crypto.c | 47 +++++++++++++++----------------------
1 file changed, 19 insertions(+), 28 deletions(-)
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index 0bd7328..e35f5d9 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file,
loff_t i_size, offset = 0;
char *rbuf;
int rc, read = 0;
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm);
- desc.shash.tfm = tfm;
- desc.shash.flags = 0;
+ shash->tfm = tfm;
+ shash->flags = 0;
hash->length = crypto_shash_digestsize(tfm);
- rc = crypto_shash_init(&desc.shash);
+ rc = crypto_shash_init(shash);
if (rc != 0)
return rc;
@@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
break;
offset += rbuf_len;
- rc = crypto_shash_update(&desc.shash, rbuf, rbuf_len);
+ rc = crypto_shash_update(shash, rbuf, rbuf_len);
if (rc)
break;
}
@@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
kfree(rbuf);
out:
if (!rc)
- rc = crypto_shash_final(&desc.shash, hash->digest);
+ rc = crypto_shash_final(shash, hash->digest);
return rc;
}
@@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
struct ima_digest_data *hash,
struct crypto_shash *tfm)
{
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm);
int rc, i;
- desc.shash.tfm = tfm;
- desc.shash.flags = 0;
+ shash->tfm = tfm;
+ shash->flags = 0;
hash->length = crypto_shash_digestsize(tfm);
- rc = crypto_shash_init(&desc.shash);
+ rc = crypto_shash_init(shash);
if (rc != 0)
return rc;
@@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
u32 datalen = field_data[i].len;
if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
- rc = crypto_shash_update(&desc.shash,
+ rc = crypto_shash_update(shash,
(const u8 *) &field_data[i].len,
sizeof(field_data[i].len));
if (rc)
@@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
data_to_hash = buffer;
datalen = IMA_EVENT_NAME_LEN_MAX + 1;
}
- rc = crypto_shash_update(&desc.shash, data_to_hash, datalen);
+ rc = crypto_shash_update(shash, data_to_hash, datalen);
if (rc)
break;
}
if (!rc)
- rc = crypto_shash_final(&desc.shash, hash->digest);
+ rc = crypto_shash_final(shash, hash->digest);
return rc;
}
@@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
{
u8 pcr_i[TPM_DIGEST_SIZE];
int rc, i;
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(tfm)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm);
- desc.shash.tfm = tfm;
- desc.shash.flags = 0;
+ shash->tfm = tfm;
+ shash->flags = 0;
- rc = crypto_shash_init(&desc.shash);
+ rc = crypto_shash_init(shash);
if (rc != 0)
return rc;
@@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
for (i = TPM_PCR0; i < TPM_PCR8; i++) {
ima_pcrread(i, pcr_i);
/* now accumulate with current aggregate */
- rc = crypto_shash_update(&desc.shash, pcr_i, TPM_DIGEST_SIZE);
+ rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE);
}
if (!rc)
- crypto_shash_final(&desc.shash, digest);
+ crypto_shash_final(shash, digest);
return rc;
}
--
1.9.1
From: Jan-Simon Möller <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Jan-Simon Möller <[email protected]>
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Acked-by: Herbert Xu <[email protected]>
---
drivers/crypto/ccp/ccp-crypto-sha.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/ccp/ccp-crypto-sha.c b/drivers/crypto/ccp/ccp-crypto-sha.c
index 873f234..9653157 100644
--- a/drivers/crypto/ccp/ccp-crypto-sha.c
+++ b/drivers/crypto/ccp/ccp-crypto-sha.c
@@ -198,10 +198,9 @@ static int ccp_sha_setkey(struct crypto_ahash *tfm, const u8 *key,
{
struct ccp_ctx *ctx = crypto_tfm_ctx(crypto_ahash_tfm(tfm));
struct crypto_shash *shash = ctx->u.sha.hmac_tfm;
- struct {
- struct shash_desc sdesc;
- char ctx[crypto_shash_descsize(shash)];
- } desc;
+
+ SHASH_DESC_ON_STACK(sdesc, shash);
+
unsigned int block_size = crypto_shash_blocksize(shash);
unsigned int digest_size = crypto_shash_digestsize(shash);
int i, ret;
@@ -216,11 +215,11 @@ static int ccp_sha_setkey(struct crypto_ahash *tfm, const u8 *key,
if (key_len > block_size) {
/* Must hash the input key */
- desc.sdesc.tfm = shash;
- desc.sdesc.flags = crypto_ahash_get_flags(tfm) &
+ sdesc->tfm = shash;
+ sdesc->flags = crypto_ahash_get_flags(tfm) &
CRYPTO_TFM_REQ_MAY_SLEEP;
- ret = crypto_shash_digest(&desc.sdesc, key, key_len,
+ ret = crypto_shash_digest(sdesc, key, key_len,
ctx->u.sha.key);
if (ret) {
crypto_ahash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
--
1.9.1
From: Behan Webster <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Reviewed-by: Jan-Simon Möller <[email protected]>
Acked-by: Herbert Xu <[email protected]>
---
drivers/crypto/n2_core.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/n2_core.c b/drivers/crypto/n2_core.c
index 7263c10..f8e3207 100644
--- a/drivers/crypto/n2_core.c
+++ b/drivers/crypto/n2_core.c
@@ -445,10 +445,7 @@ static int n2_hmac_async_setkey(struct crypto_ahash *tfm, const u8 *key,
struct n2_hmac_ctx *ctx = crypto_ahash_ctx(tfm);
struct crypto_shash *child_shash = ctx->child_shash;
struct crypto_ahash *fallback_tfm;
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(child_shash)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, child_shash);
int err, bs, ds;
fallback_tfm = ctx->base.fallback_tfm;
@@ -456,15 +453,15 @@ static int n2_hmac_async_setkey(struct crypto_ahash *tfm, const u8 *key,
if (err)
return err;
- desc.shash.tfm = child_shash;
- desc.shash.flags = crypto_ahash_get_flags(tfm) &
+ shash->tfm = child_shash;
+ shash->flags = crypto_ahash_get_flags(tfm) &
CRYPTO_TFM_REQ_MAY_SLEEP;
bs = crypto_shash_blocksize(child_shash);
ds = crypto_shash_digestsize(child_shash);
BUG_ON(ds > N2_HASH_KEY_MAX);
if (keylen > bs) {
- err = crypto_shash_digest(&desc.shash, key, keylen,
+ err = crypto_shash_digest(shash, key, keylen,
ctx->hash_key);
if (err)
return err;
--
1.9.1
--
dm-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/dm-devel
From: Behan Webster <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Reviewed-by: Jan-Simon Möller <[email protected]>
Acked-by: Herbert Xu <[email protected]>
---
drivers/crypto/omap-sham.c | 28 +++++++++++-----------------
1 file changed, 11 insertions(+), 17 deletions(-)
diff --git a/drivers/crypto/omap-sham.c b/drivers/crypto/omap-sham.c
index 710d863..24ef489 100644
--- a/drivers/crypto/omap-sham.c
+++ b/drivers/crypto/omap-sham.c
@@ -949,17 +949,14 @@ static int omap_sham_finish_hmac(struct ahash_request *req)
struct omap_sham_hmac_ctx *bctx = tctx->base;
int bs = crypto_shash_blocksize(bctx->shash);
int ds = crypto_shash_digestsize(bctx->shash);
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(bctx->shash)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, bctx->shash);
- desc.shash.tfm = bctx->shash;
- desc.shash.flags = 0; /* not CRYPTO_TFM_REQ_MAY_SLEEP */
+ shash->tfm = bctx->shash;
+ shash->flags = 0; /* not CRYPTO_TFM_REQ_MAY_SLEEP */
- return crypto_shash_init(&desc.shash) ?:
- crypto_shash_update(&desc.shash, bctx->opad, bs) ?:
- crypto_shash_finup(&desc.shash, req->result, ds, req->result);
+ return crypto_shash_init(shash) ?:
+ crypto_shash_update(shash, bctx->opad, bs) ?:
+ crypto_shash_finup(shash, req->result, ds, req->result);
}
static int omap_sham_finish(struct ahash_request *req)
@@ -1118,18 +1115,15 @@ static int omap_sham_update(struct ahash_request *req)
return omap_sham_enqueue(req, OP_UPDATE);
}
-static int omap_sham_shash_digest(struct crypto_shash *shash, u32 flags,
+static int omap_sham_shash_digest(struct crypto_shash *tfm, u32 flags,
const u8 *data, unsigned int len, u8 *out)
{
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(shash)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, tfm);
- desc.shash.tfm = shash;
- desc.shash.flags = flags & CRYPTO_TFM_REQ_MAY_SLEEP;
+ shash->tfm = tfm;
+ shash->flags = flags & CRYPTO_TFM_REQ_MAY_SLEEP;
- return crypto_shash_digest(&desc.shash, data, len, out);
+ return crypto_shash_digest(shash, data, len, out);
}
static int omap_sham_final_shash(struct ahash_request *req)
--
1.9.1
--
dm-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/dm-devel
From: Behan Webster <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Reviewed-by: Jan-Simon Möller <[email protected]>
Acked-by: Herbert Xu <[email protected]>
---
drivers/crypto/qat/qat_common/qat_algs.c | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c
index 59df488..9cabadd 100644
--- a/drivers/crypto/qat/qat_common/qat_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_algs.c
@@ -152,10 +152,7 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
const uint8_t *auth_key,
unsigned int auth_keylen, uint8_t *auth_state)
{
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(ctx->hash_tfm)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, ctx->hash_tfm);
struct sha1_state sha1;
struct sha256_state sha256;
struct sha512_state sha512;
@@ -167,12 +164,12 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
__be64 *hash512_state_out;
int i, offset;
- desc.shash.tfm = ctx->hash_tfm;
- desc.shash.flags = 0x0;
+ shash->tfm = ctx->hash_tfm;
+ shash->flags = 0x0;
if (auth_keylen > block_size) {
char buff[SHA512_BLOCK_SIZE];
- int ret = crypto_shash_digest(&desc.shash, auth_key,
+ int ret = crypto_shash_digest(shash, auth_key,
auth_keylen, buff);
if (ret)
return ret;
@@ -195,10 +192,10 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
*opad_ptr ^= 0x5C;
}
- if (crypto_shash_init(&desc.shash))
+ if (crypto_shash_init(shash))
return -EFAULT;
- if (crypto_shash_update(&desc.shash, ipad, block_size))
+ if (crypto_shash_update(shash, ipad, block_size))
return -EFAULT;
hash_state_out = (__be32 *)hash->sha.state1;
@@ -206,19 +203,19 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
switch (ctx->qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_SHA1:
- if (crypto_shash_export(&desc.shash, &sha1))
+ if (crypto_shash_export(shash, &sha1))
return -EFAULT;
for (i = 0; i < digest_size >> 2; i++, hash_state_out++)
*hash_state_out = cpu_to_be32(*(sha1.state + i));
break;
case ICP_QAT_HW_AUTH_ALGO_SHA256:
- if (crypto_shash_export(&desc.shash, &sha256))
+ if (crypto_shash_export(shash, &sha256))
return -EFAULT;
for (i = 0; i < digest_size >> 2; i++, hash_state_out++)
*hash_state_out = cpu_to_be32(*(sha256.state + i));
break;
case ICP_QAT_HW_AUTH_ALGO_SHA512:
- if (crypto_shash_export(&desc.shash, &sha512))
+ if (crypto_shash_export(shash, &sha512))
return -EFAULT;
for (i = 0; i < digest_size >> 3; i++, hash512_state_out++)
*hash512_state_out = cpu_to_be64(*(sha512.state + i));
@@ -227,10 +224,10 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
return -EFAULT;
}
- if (crypto_shash_init(&desc.shash))
+ if (crypto_shash_init(shash))
return -EFAULT;
- if (crypto_shash_update(&desc.shash, opad, block_size))
+ if (crypto_shash_update(shash, opad, block_size))
return -EFAULT;
offset = round_up(qat_get_inter_state_size(ctx->qat_hash_alg), 8);
@@ -239,19 +236,19 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash,
switch (ctx->qat_hash_alg) {
case ICP_QAT_HW_AUTH_ALGO_SHA1:
- if (crypto_shash_export(&desc.shash, &sha1))
+ if (crypto_shash_export(shash, &sha1))
return -EFAULT;
for (i = 0; i < digest_size >> 2; i++, hash_state_out++)
*hash_state_out = cpu_to_be32(*(sha1.state + i));
break;
case ICP_QAT_HW_AUTH_ALGO_SHA256:
- if (crypto_shash_export(&desc.shash, &sha256))
+ if (crypto_shash_export(shash, &sha256))
return -EFAULT;
for (i = 0; i < digest_size >> 2; i++, hash_state_out++)
*hash_state_out = cpu_to_be32(*(sha256.state + i));
break;
case ICP_QAT_HW_AUTH_ALGO_SHA512:
- if (crypto_shash_export(&desc.shash, &sha512))
+ if (crypto_shash_export(shash, &sha512))
return -EFAULT;
for (i = 0; i < digest_size >> 3; i++, hash512_state_out++)
*hash512_state_out = cpu_to_be64(*(sha512.state + i));
--
1.9.1
--
dm-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/dm-devel
From: Jan-Simon Möller <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Jan-Simon Möller <[email protected]>
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: [email protected]
---
crypto/hmac.c | 25 +++++++++++--------------
1 file changed, 11 insertions(+), 14 deletions(-)
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 8d9544c..e392219 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -52,20 +52,17 @@ static int hmac_setkey(struct crypto_shash *parent,
struct hmac_ctx *ctx = align_ptr(opad + ss,
crypto_tfm_ctx_alignment());
struct crypto_shash *hash = ctx->hash;
- struct {
- struct shash_desc shash;
- char ctx[crypto_shash_descsize(hash)];
- } desc;
+ SHASH_DESC_ON_STACK(shash, hash);
unsigned int i;
- desc.shash.tfm = hash;
- desc.shash.flags = crypto_shash_get_flags(parent) &
- CRYPTO_TFM_REQ_MAY_SLEEP;
+ shash->tfm = hash;
+ shash->flags = crypto_shash_get_flags(parent)
+ & CRYPTO_TFM_REQ_MAY_SLEEP;
if (keylen > bs) {
int err;
- err = crypto_shash_digest(&desc.shash, inkey, keylen, ipad);
+ err = crypto_shash_digest(shash, inkey, keylen, ipad);
if (err)
return err;
@@ -81,12 +78,12 @@ static int hmac_setkey(struct crypto_shash *parent,
opad[i] ^= 0x5c;
}
- return crypto_shash_init(&desc.shash) ?:
- crypto_shash_update(&desc.shash, ipad, bs) ?:
- crypto_shash_export(&desc.shash, ipad) ?:
- crypto_shash_init(&desc.shash) ?:
- crypto_shash_update(&desc.shash, opad, bs) ?:
- crypto_shash_export(&desc.shash, opad);
+ return crypto_shash_init(shash) ?:
+ crypto_shash_update(shash, ipad, bs) ?:
+ crypto_shash_export(shash, ipad) ?:
+ crypto_shash_init(shash) ?:
+ crypto_shash_update(shash, opad, bs) ?:
+ crypto_shash_export(shash, opad);
}
static int hmac_export(struct shash_desc *pdesc, void *out)
--
1.9.1
--
dm-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/dm-devel
From: Jan-Simon Möller <[email protected]>
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Jan-Simon Möller <[email protected]>
Signed-off-by: Behan Webster <[email protected]>
Reviewed-by: Mark Charlebois <[email protected]>
Acked-by: Herbert Xu <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: "David S. Miller" <[email protected]>
---
drivers/md/dm-crypt.c | 34 ++++++++++++++--------------------
1 file changed, 14 insertions(+), 20 deletions(-)
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index cd15e08..fc93b93 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -526,29 +526,26 @@ static int crypt_iv_lmk_one(struct crypt_config *cc, u8 *iv,
u8 *data)
{
struct iv_lmk_private *lmk = &cc->iv_gen_private.lmk;
- struct {
- struct shash_desc desc;
- char ctx[crypto_shash_descsize(lmk->hash_tfm)];
- } sdesc;
+ SHASH_DESC_ON_STACK(desc, lmk->hash_tfm);
struct md5_state md5state;
__le32 buf[4];
int i, r;
- sdesc.desc.tfm = lmk->hash_tfm;
- sdesc.desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+ desc->tfm = lmk->hash_tfm;
+ desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
- r = crypto_shash_init(&sdesc.desc);
+ r = crypto_shash_init(desc);
if (r)
return r;
if (lmk->seed) {
- r = crypto_shash_update(&sdesc.desc, lmk->seed, LMK_SEED_SIZE);
+ r = crypto_shash_update(desc, lmk->seed, LMK_SEED_SIZE);
if (r)
return r;
}
/* Sector is always 512B, block size 16, add data of blocks 1-31 */
- r = crypto_shash_update(&sdesc.desc, data + 16, 16 * 31);
+ r = crypto_shash_update(desc, data + 16, 16 * 31);
if (r)
return r;
@@ -557,12 +554,12 @@ static int crypt_iv_lmk_one(struct crypt_config *cc, u8 *iv,
buf[1] = cpu_to_le32((((u64)dmreq->iv_sector >> 32) & 0x00FFFFFF) | 0x80000000);
buf[2] = cpu_to_le32(4024);
buf[3] = 0;
- r = crypto_shash_update(&sdesc.desc, (u8 *)buf, sizeof(buf));
+ r = crypto_shash_update(desc, (u8 *)buf, sizeof(buf));
if (r)
return r;
/* No MD5 padding here */
- r = crypto_shash_export(&sdesc.desc, &md5state);
+ r = crypto_shash_export(desc, &md5state);
if (r)
return r;
@@ -679,10 +676,7 @@ static int crypt_iv_tcw_whitening(struct crypt_config *cc,
struct iv_tcw_private *tcw = &cc->iv_gen_private.tcw;
u64 sector = cpu_to_le64((u64)dmreq->iv_sector);
u8 buf[TCW_WHITENING_SIZE];
- struct {
- struct shash_desc desc;
- char ctx[crypto_shash_descsize(tcw->crc32_tfm)];
- } sdesc;
+ SHASH_DESC_ON_STACK(desc, tcw->crc32_tfm);
int i, r;
/* xor whitening with sector number */
@@ -691,16 +685,16 @@ static int crypt_iv_tcw_whitening(struct crypt_config *cc,
crypto_xor(&buf[8], (u8 *)§or, 8);
/* calculate crc32 for every 32bit part and xor it */
- sdesc.desc.tfm = tcw->crc32_tfm;
- sdesc.desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+ desc->tfm = tcw->crc32_tfm;
+ desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
for (i = 0; i < 4; i++) {
- r = crypto_shash_init(&sdesc.desc);
+ r = crypto_shash_init(desc);
if (r)
goto out;
- r = crypto_shash_update(&sdesc.desc, &buf[i * 4], 4);
+ r = crypto_shash_update(desc, &buf[i * 4], 4);
if (r)
goto out;
- r = crypto_shash_final(&sdesc.desc, &buf[i * 4]);
+ r = crypto_shash_final(desc, &buf[i * 4]);
if (r)
goto out;
}
--
1.9.1
--
dm-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/dm-devel
On 23/09/14 07:42, [email protected] wrote:
> From: Behan Webster <[email protected]>
>
> Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
> compliant equivalent. This patch allocates the appropriate amount of memory
> using a char array using the SHASH_DESC_ON_STACK macro.
>
> The new code can be compiled with both gcc and clang.
>
> Signed-off-by: Behan Webster <[email protected]>
> Reviewed-by: Mark Charlebois <[email protected]>
> Reviewed-by: Jan-Simon Möller <[email protected]>
> Acked-by: Herbert Xu <[email protected]>
> Cc: [email protected]
Looks good. Thanks.
Acked-by: Dmitry Kasatkin <[email protected]>
> ---
> security/integrity/ima/ima_crypto.c | 47 +++++++++++++++----------------------
> 1 file changed, 19 insertions(+), 28 deletions(-)
>
> diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
> index 0bd7328..e35f5d9 100644
> --- a/security/integrity/ima/ima_crypto.c
> +++ b/security/integrity/ima/ima_crypto.c
> @@ -380,17 +380,14 @@ static int ima_calc_file_hash_tfm(struct file *file,
> loff_t i_size, offset = 0;
> char *rbuf;
> int rc, read = 0;
> - struct {
> - struct shash_desc shash;
> - char ctx[crypto_shash_descsize(tfm)];
> - } desc;
> + SHASH_DESC_ON_STACK(shash, tfm);
>
> - desc.shash.tfm = tfm;
> - desc.shash.flags = 0;
> + shash->tfm = tfm;
> + shash->flags = 0;
>
> hash->length = crypto_shash_digestsize(tfm);
>
> - rc = crypto_shash_init(&desc.shash);
> + rc = crypto_shash_init(shash);
> if (rc != 0)
> return rc;
>
> @@ -420,7 +417,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
> break;
> offset += rbuf_len;
>
> - rc = crypto_shash_update(&desc.shash, rbuf, rbuf_len);
> + rc = crypto_shash_update(shash, rbuf, rbuf_len);
> if (rc)
> break;
> }
> @@ -429,7 +426,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
> kfree(rbuf);
> out:
> if (!rc)
> - rc = crypto_shash_final(&desc.shash, hash->digest);
> + rc = crypto_shash_final(shash, hash->digest);
> return rc;
> }
>
> @@ -487,18 +484,15 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
> struct ima_digest_data *hash,
> struct crypto_shash *tfm)
> {
> - struct {
> - struct shash_desc shash;
> - char ctx[crypto_shash_descsize(tfm)];
> - } desc;
> + SHASH_DESC_ON_STACK(shash, tfm);
> int rc, i;
>
> - desc.shash.tfm = tfm;
> - desc.shash.flags = 0;
> + shash->tfm = tfm;
> + shash->flags = 0;
>
> hash->length = crypto_shash_digestsize(tfm);
>
> - rc = crypto_shash_init(&desc.shash);
> + rc = crypto_shash_init(shash);
> if (rc != 0)
> return rc;
>
> @@ -508,7 +502,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
> u32 datalen = field_data[i].len;
>
> if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
> - rc = crypto_shash_update(&desc.shash,
> + rc = crypto_shash_update(shash,
> (const u8 *) &field_data[i].len,
> sizeof(field_data[i].len));
> if (rc)
> @@ -518,13 +512,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
> data_to_hash = buffer;
> datalen = IMA_EVENT_NAME_LEN_MAX + 1;
> }
> - rc = crypto_shash_update(&desc.shash, data_to_hash, datalen);
> + rc = crypto_shash_update(shash, data_to_hash, datalen);
> if (rc)
> break;
> }
>
> if (!rc)
> - rc = crypto_shash_final(&desc.shash, hash->digest);
> + rc = crypto_shash_final(shash, hash->digest);
>
> return rc;
> }
> @@ -565,15 +559,12 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
> {
> u8 pcr_i[TPM_DIGEST_SIZE];
> int rc, i;
> - struct {
> - struct shash_desc shash;
> - char ctx[crypto_shash_descsize(tfm)];
> - } desc;
> + SHASH_DESC_ON_STACK(shash, tfm);
>
> - desc.shash.tfm = tfm;
> - desc.shash.flags = 0;
> + shash->tfm = tfm;
> + shash->flags = 0;
>
> - rc = crypto_shash_init(&desc.shash);
> + rc = crypto_shash_init(shash);
> if (rc != 0)
> return rc;
>
> @@ -581,10 +572,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
> for (i = TPM_PCR0; i < TPM_PCR8; i++) {
> ima_pcrread(i, pcr_i);
> /* now accumulate with current aggregate */
> - rc = crypto_shash_update(&desc.shash, pcr_i, TPM_DIGEST_SIZE);
> + rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE);
> }
> if (!rc)
> - crypto_shash_final(&desc.shash, digest);
> + crypto_shash_final(shash, digest);
> return rc;
> }
>