From: Kees Cook
Date: Thu, 12 Jul 2018 13:30:33 -0700
To: Arnd Bergmann
Cc: Giovanni Cabiddu, Herbert Xu, Mike Snitzer, Eric Biggers, "Gustavo A. R. Silva", qat-linux@intel.com, Linux Kernel Mailing List, David Howells, Masahiro Yamada, dm-devel@redhat.com, "open list:HARDWARE RANDOM NUMBER GENERATOR CORE", Lars Persson, Tim Chen, "David S. Miller", Alasdair Kergon, Rabin Vincent
Subject: Re: [dm-devel] [PATCH v4 13/14] rxrpc: Prepare to remove VLA usage for SKCIPHER_REQUEST_ON_STACK

On Thu, Jul 12, 2018 at 1:23 PM, Kees Cook wrote:
> On Thu, Jul 12, 2018 at 8:11 AM, Arnd Bergmann wrote:
>> On Wed, Jul 11, 2018 at 10:36 PM, Kees Cook wrote:
>>> Two uses of SKCIPHER_REQUEST_ON_STACK() will trigger FRAME_WARN warnings
>>> (when less than 2048) once the VLA is no longer hidden from the check:
>>>
>>> net/rxrpc/rxkad.c:398:1: warning: the frame size of 1152 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>>> net/rxrpc/rxkad.c:242:1: warning: the frame size of 1152 bytes is larger than 1024 bytes [-Wframe-larger-than=]
>>>
>>> This bumps the affected objects by 20% to silence the warnings while
>>> still providing coverage if anything grows even more.
>>>
>>> Signed-off-by: Kees Cook
>>
>> (adding David Howells to cc)
>>
>> I don't think these are in a fast path, it should be possible to just use
>> skcipher_alloc_req() instead of SKCIPHER_REQUEST_ON_STACK() here.
>> From what I can tell, neither of the two are called in atomic context, so
>> you should be able to use a GFP_KERNEL allocation.
>
> Sure, I can do that instead.

Actually, I think this can actually be adjusted to just re-use the stack
allocation, since rxkad_verify_packet() finishes one before doing another
in rxkad_verify_packet_1():

default:

-Kees

diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 278ac0807a60..d6a2e7cab384 100644
--- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -316,10 +316,10 @@ static int rxkad_secure_packet(struct rxrpc_call *call, */ static int rxkad_verify_packet_1(struct rxrpc_call *call, struct sk_buff *skb, unsigned int offset, unsigned int len, - rxrpc_seq_t seq) + rxrpc_seq_t seq, + struct skcipher_request *req) { struct rxkad_level1_hdr sechdr; - SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher); struct rxrpc_crypt iv; struct scatterlist sg[16]; struct sk_buff *trailer; @@ -549,7 +549,7 @@ static int rxkad_verify_packet(struct rxrpc_call *call, struct sk_buff *skb, case RXRPC_SECURITY_PLAIN: return 0; case RXRPC_SECURITY_AUTH: - return rxkad_verify_packet_1(call, skb, offset, len, seq); + return rxkad_verify_packet_1(call, skb, offset, len, seq, req); case RXRPC_SECURITY_ENCRYPT: return rxkad_verify_packet_2(call, skb, offset, len, seq);
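Review bot: In the first hunk rxkad_verify_packet_1() gains a struct skcipher_request *req parameter where it used to declare its own with SKCIPHER_REQUEST_ON_STACK(req, call->conn->cipher), but the comment block above the function is left untouched. It should state that the caller owns the request, that it must be sized for call->conn->cipher, and that the caller's earlier operation on it has completed before it is handed over.

Review bot: In the second hunk the RXRPC_SECURITY_AUTH case passes req to rxkad_verify_packet_1(), but neither hunk shows req being declared in rxkad_verify_packet(); the patch needs to include the hunk that keeps the request in the caller's scope, otherwise this does not build. The RXRPC_SECURITY_ENCRYPT case still calls rxkad_verify_packet_2(call, skb, offset, len, seq) without the request, so if that function carries its own SKCIPHER_REQUEST_ON_STACK() it needs the same extra parameter for the frame-size reduction to cover both paths.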