From: Herbert Xu Subject: Re: Remaining crypto API regressions with CONFIG_VMAP_STACK Date: Sat, 10 Dec 2016 13:32:08 +0800 Message-ID: <20161210053208.GA27951@gondor.apana.org.au> References: <20161209230851.GB64048@google.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Eric Biggers , linux-crypto@vger.kernel.org, "linux-kernel@vger.kernel.org" , "linux-mm@kvack.org" , "kernel-hardening@lists.openwall.com" , Andrew Lutomirski , Stephan Mueller To: Andy Lutomirski Return-path: Received: from helcar.hengli.com.au ([209.40.204.226]:56000 "EHLO helcar.apana.org.au" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752560AbcLJFcX (ORCPT ); Sat, 10 Dec 2016 00:32:23 -0500 Content-Disposition: inline In-Reply-To: Sender: linux-crypto-owner@vger.kernel.org List-ID: On Fri, Dec 09, 2016 at 09:25:38PM -0800, Andy Lutomirski wrote: > > > The following crypto drivers initialize a scatterlist to point into an > > ablkcipher_request, which may have been allocated on the stack with > > SKCIPHER_REQUEST_ON_STACK(): > > > > drivers/crypto/ccp/ccp-crypto-aes-xts.c:162 > > drivers/crypto/ccp/ccp-crypto-aes.c:94 > > These are real, and I wish I'd known about them sooner. Are you sure? Any instance of *_ON_STACK must only be used with sync algorithms and most drivers under drivers/crypto declare themselves as async. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt