From patchwork Mon Jul 16 03:56:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10525451 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 2CD7860545 for ; Mon, 16 Jul 2018 03:57:07 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0BD0828658 for ; Mon, 16 Jul 2018 03:57:07 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id F3BCA2863F; Mon, 16 Jul 2018 03:57:06 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A20992863D for ; Mon, 16 Jul 2018 03:57:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726373AbeGPEW0 (ORCPT ); Mon, 16 Jul 2018 00:22:26 -0400 Received: from mail-pf0-f196.google.com ([209.85.192.196]:44400 "EHLO mail-pf0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726063AbeGPEWU (ORCPT ); Mon, 16 Jul 2018 00:22:20 -0400 Received: by mail-pf0-f196.google.com with SMTP id k21-v6so733966pff.11 for ; Sun, 15 Jul 2018 20:56:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:mime-version:content-disposition; bh=akYEvHs19WJRAj6KNIr0rURqc8YhNLPEt8XljT6qIEA=; b=NK+L67Z8YrbTGWqIbP1tdk/eLN8CZR8/4FwV7rnuVddvD0/qW587gIJLBdShWEkrHf eEPi/UAutmFTLk7Et8Ba/gjhMC1Mp/p2/gq0+HhXWZQJVmzr+OEFmCkzCN6/OhiBy3T7 Cjv9utz8UW9kYy54Q23x4Rwniwz/AdNQxIrSY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version :content-disposition; bh=akYEvHs19WJRAj6KNIr0rURqc8YhNLPEt8XljT6qIEA=; b=O2Gv6H9uMszOkTP7i/x8L5iL4PH/wWzvJSmVZHDhf7UuDzzxbsFnl+10E/8TayUFBt ayGDfcD3ALNc5uZGrthHE8Y7NIjVbBpGKsKp2jCpxYACQS/cL/FXXc5rmaZwHZeS3m/2 cwWHWBLsPpfGJNzmMFF3pGsmZiJrNV2Q9p8WDOfBupiEIldDVz4RD8TwTWNPkpeIqv16 9vS3b4nPxaUojpfIb9wQ75rWtmTpqjulVPzKyuPZWupA5jkQk1FcD9vPjLqjgFyecQew X4MfovJXjwHKvfPU3DJ6UIoGm0OdBgnzLW0ll6fao0ljimwWhINxo+yGk74Y9cWqU7Kh fIeg== X-Gm-Message-State: AOUpUlHN/eHLn2mR8Z8N3yYOoK0yNzMURuR1AWye8r+OjmYbhGgRbavB G7fK9bMBSpbHOvaoZa+BEIiUHQ== X-Google-Smtp-Source: AAOMgpdTQkScZVJkLsz93f2WZhYAJkaCPnjWnQWvi5XJ51jWQ1LCYv0NxEeMUdixMVQZrRKDyv4I6g== X-Received: by 2002:a62:9541:: with SMTP id p62-v6mr16361469pfd.152.1531713419276; Sun, 15 Jul 2018 20:56:59 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id q5-v6sm24985865pfj.27.2018.07.15.20.56.57 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 15 Jul 2018 20:56:58 -0700 (PDT) Date: Sun, 15 Jul 2018 20:56:57 -0700 From: Kees Cook To: "Rafael J. Wysocki" Cc: Pavel Machek , Herbert Xu , Arnd Bergmann , Eric Biggers , "Gustavo A. R. Silva" , linux-pm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] x86/power/64: Remove VLA usage Message-ID: <20180716035657.GA32180@beast> MIME-Version: 1.0 Content-Disposition: inline Sender: linux-pm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this removes the discouraged use of AHASH_REQUEST_ON_STACK by switching to shash directly and allocating the descriptor in heap memory (which should be fine: the tfm has already been allocated there too). [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook Acked-by: Pavel Machek --- arch/x86/power/hibernate_64.c | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) diff --git a/arch/x86/power/hibernate_64.c b/arch/x86/power/hibernate_64.c index 67ccf64c8bd8..0ed01bb935a6 100644 --- a/arch/x86/power/hibernate_64.c +++ b/arch/x86/power/hibernate_64.c @@ -233,28 +233,31 @@ struct restore_data_record { */ static int get_e820_md5(struct e820_table *table, void *buf) { - struct scatterlist sg; - struct crypto_ahash *tfm; + struct crypto_shash *tfm; + struct shash_desc *desc; int size; int ret = 0; - tfm = crypto_alloc_ahash("md5", 0, CRYPTO_ALG_ASYNC); + tfm = crypto_alloc_shash("md5", 0, 0); if (IS_ERR(tfm)) return -ENOMEM; - { - AHASH_REQUEST_ON_STACK(req, tfm); - size = offsetof(struct e820_table, entries) + sizeof(struct e820_entry) * table->nr_entries; - ahash_request_set_tfm(req, tfm); - sg_init_one(&sg, (u8 *)table, size); - ahash_request_set_callback(req, 0, NULL, NULL); - ahash_request_set_crypt(req, &sg, buf, size); - - if (crypto_ahash_digest(req)) - ret = -EINVAL; - ahash_request_zero(req); - } - crypto_free_ahash(tfm); + desc = kmalloc(sizeof(struct shash_desc) + crypto_shash_descsize(tfm), + GFP_KERNEL); + if (!desc) + return -ENOMEM; + + desc->tfm = tfm; + desc->flags = 0; + + size = offsetof(struct e820_table, entries) + + sizeof(struct e820_entry) * table->nr_entries; + + if (crypto_shash_digest(desc, (u8 *)table, size, buf)) + ret = -EINVAL; + + kzfree(desc); + crypto_free_shash(tfm); return ret; }