2012-08-16 21:20:55

by Kasatkin, Dmitry

[permalink] [raw]
Subject: on stack dynamic allocations

Hello,

Some places in the code uses variable-size allocation on stack..
For example from hmac_setkey():

struct {
struct shash_desc shash;
char ctx[crypto_shash_descsize(hash)];
} desc;


sparse complains

CHECK crypto/hmac.c
crypto/hmac.c:57:47: error: bad constant expression

I like it instead of kmalloc..

But what is position of kernel community about it?

- Dmitry


2012-08-16 21:30:57

by David Daney

[permalink] [raw]
Subject: Re: on stack dynamic allocations

On 08/16/2012 02:20 PM, Kasatkin, Dmitry wrote:
> Hello,
>
> Some places in the code uses variable-size allocation on stack..
> For example from hmac_setkey():
>
> struct {
> struct shash_desc shash;
> char ctx[crypto_shash_descsize(hash)];
> } desc;
>
>
> sparse complains
>
> CHECK crypto/hmac.c
> crypto/hmac.c:57:47: error: bad constant expression
>
> I like it instead of kmalloc..
>
> But what is position of kernel community about it?

If you know that the range of crypto_shash_descsize(hash) is bounded,
just use the upper bound.

If the range of crypto_shash_descsize(hash) is unbounded, then the stack
will overflow and ... BOOM!

David Daney




2012-08-17 08:18:26

by Jussi Kivilinna

[permalink] [raw]
Subject: Re: on stack dynamic allocations

Quoting David Daney <[email protected]>:

> On 08/16/2012 02:20 PM, Kasatkin, Dmitry wrote:
>> Hello,
>>
>> Some places in the code uses variable-size allocation on stack..
>> For example from hmac_setkey():
>>
>> struct {
>> struct shash_desc shash;
>> char ctx[crypto_shash_descsize(hash)];
>> } desc;
>>
>>
>> sparse complains
>>
>> CHECK crypto/hmac.c
>> crypto/hmac.c:57:47: error: bad constant expression
>>
>> I like it instead of kmalloc..
>>
>> But what is position of kernel community about it?
>
> If you know that the range of crypto_shash_descsize(hash) is
> bounded, just use the upper bound.
>
> If the range of crypto_shash_descsize(hash) is unbounded, then the
> stack will overflow and ... BOOM!
>

Quick look shows that largest crypto_shash_descsize() would be with
hmac+s390/sha512, 16 + 332 = 348. Crypto-api also prevents registering
shash with descsize larger than (PAGE_SIZE / 8).

-Jussi