From patchwork Tue Apr 24 01:03:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10358441 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 39E1460225 for ; Tue, 24 Apr 2018 01:03:38 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2C9BA28B7F for ; Tue, 24 Apr 2018 01:03:38 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1EF8128CB3; Tue, 24 Apr 2018 01:03:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4E84328CAC for ; Tue, 24 Apr 2018 01:03:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932633AbeDXBDe (ORCPT ); Mon, 23 Apr 2018 21:03:34 -0400 Received: from mail-ot0-f196.google.com ([74.125.82.196]:34949 "EHLO mail-ot0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932635AbeDXBDd (ORCPT ); Mon, 23 Apr 2018 21:03:33 -0400 Received: by mail-ot0-f196.google.com with SMTP id h8-v6so15674727otb.2 for ; Mon, 23 Apr 2018 18:03:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=Yk/g0djB0jPedGHm0mvrwwxkD9dHO9VodP3jlVLORRA=; b=t7EqQ7OwSvqlonY1p2bHNguhWOyg6kd//p6qgb6+jPXr1wlatKHXdcC270qZp0l5/H 6CUPlepWKsRXoX+0pUbJauik4NApScSd+ITwLqAvvqsscnbX6lly8kXcCFEzw9/eq29n Na9BXRs3htGQ3zzc6PA9XPkcBltyd2Hn7VDyv0+lNlnb/v7AqHJxZCHDgRngrxJLVsRD enJjBX+XTcC8kdHdJEQaX6ZIA2Rc6ySTaNhlVRs9MV8sFMWjtw13hQIKjGnOm8x6SRwL eevgGcgU8a1xIvDAVcVP2lueivd9byBS55LugtZXOCBab9/6k4ilL5RHdx13CWt8mCyN Ud7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=Yk/g0djB0jPedGHm0mvrwwxkD9dHO9VodP3jlVLORRA=; b=q/tqhv8hrAc5a0vgp/GNfOnHipDrIhYVqQ4s+UqGOQ/kP5D43MPjYmNq6J9MfapguM Ur0dRsh4WJkY3z7waLn4LkbEJGaeSewir5yheUwqRZ+5O0+HiVep1kIUcm9jloIKHLeI CIOVqv5BtezPCX6hGK92DBlECf/vrZakaq+FLFXe0w38kaWbWiLN7J9T19k7eOJgv92t V2Lfp1aaHkh3sboCQ1i7+3z87f8lplfxygK4XczhovCOw0cAthrl+db6nb8sdmlr0jOs kwI9zxhJUV2zcTiBGP2LU9hkB4HbxFuww2nhHXakJLmduV9wMhcXskSIjAopQloW2S4B +LaA== X-Gm-Message-State: ALQs6tAEtQ0ccae8DYbCZwdeLmC1RssJAHNi0w21XwfIzostbc1wgaa9 GYz6aMwiNKff0/byykgBmVGM7w== X-Google-Smtp-Source: AIpwx48GjcCzkaRjXjMCRjlZbf6lJd0WX/oXNHxrEngLye++PCeo+1KbVWWS47kjKpiRfgaooSSR9A== X-Received: by 2002:a9d:441d:: with SMTP id u29-v6mr16452287ote.70.1524531812937; Mon, 23 Apr 2018 18:03:32 -0700 (PDT) Received: from cisco.lan ([8.24.24.129]) by smtp.gmail.com with ESMTPSA id n204-v6sm7410331oia.3.2018.04.23.18.03.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 23 Apr 2018 18:03:31 -0700 (PDT) From: Tycho Andersen To: David Howells Cc: keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Tycho Andersen , James Morris , "Serge E. Hallyn" , "Jason A . Donenfeld" , Eric Biggers Subject: [PATCH 1/3] big key: get rid of stack array allocation Date: Mon, 23 Apr 2018 19:03:19 -0600 Message-Id: <20180424010321.14739-1-tycho@tycho.ws> X-Mailer: git-send-email 2.17.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP We're interested in getting rid of all of the stack allocated arrays in the kernel [1]. This patch simply hardcodes the iv length to match that of the hardcoded cipher. [1]: https://lkml.org/lkml/2018/3/7/621 v2: hardcode the length of the nonce to be the GCM AES IV length, and do a sanity check in init(), Eric Biggers Signed-off-by: Tycho Andersen CC: David Howells CC: James Morris CC: "Serge E. Hallyn" CC: Jason A. Donenfeld CC: Eric Biggers --- security/keys/big_key.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/security/keys/big_key.c b/security/keys/big_key.c index 933623784ccd..75c46786a166 100644 --- a/security/keys/big_key.c +++ b/security/keys/big_key.c @@ -22,6 +22,7 @@ #include #include #include +#include struct big_key_buf { unsigned int nr_pages; @@ -109,7 +110,7 @@ static int big_key_crypt(enum big_key_op op, struct big_key_buf *buf, size_t dat * an .update function, so there's no chance we'll wind up reusing the * key to encrypt updated data. Simply put: one key, one encryption. */ - u8 zero_nonce[crypto_aead_ivsize(big_key_aead)]; + u8 zero_nonce[GCM_AES_IV_SIZE]; aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL); if (!aead_req) @@ -425,6 +426,12 @@ static int __init big_key_init(void) pr_err("Can't alloc crypto: %d\n", ret); return ret; } + + if (unlikely(crypto_aead_ivsize(big_key_aead) != GCM_AES_IV_SIZE)) { + WARN(1, "big key algorithm changed?"); + return -EINVAL; + } + ret = crypto_aead_setauthsize(big_key_aead, ENC_AUTHTAG_SIZE); if (ret < 0) { pr_err("Can't set crypto auth tag len: %d\n", ret);