From patchwork Thu Aug 2 22:51:44 2018
X-Patchwork-Submitter: Kees Cook
X-Patchwork-Id: 10554287
X-Patchwork-Delegate: snitzer@redhat.com
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:44 -0700
Message-Id: <20180802225152.19194-2-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu , linux-kernel@vger.kernel.org, Kees Cook , Mike Snitzer , Ard Biesheuvel , Rasmus Villemoes , Tudor-Dan Ambarus , Will Deacon , Matthew Wilcox , Arnd Bergmann , "David S.
Miller" , dm-devel@redhat.com, Geert Uytterhoeven , David Woodhouse , qat-linux@intel.com, Andrew Morton , Thomas Gleixner , Alasdair Kergon , linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 1/9] crypto: xcbc: Remove VLA usage

In the quest to remove all stack VLA usage from the kernel[1], this uses the maximum blocksize and adds a sanity check. For xcbc, the blocksize must always be 16, so use that, since it's already being enforced during instantiation.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- crypto/xcbc.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/crypto/xcbc.c b/crypto/xcbc.c index 25c75af50d3f..c055f57fab11 100644 --- a/crypto/xcbc.c +++ b/crypto/xcbc.c @@ -57,15 +57,17 @@ struct xcbc_desc_ctx { u8 ctx[]; }; +#define XCBC_BLOCKSIZE 16 + static int crypto_xcbc_digest_setkey(struct crypto_shash *parent, const u8 *inkey, unsigned int keylen) { unsigned long alignmask = crypto_shash_alignmask(parent); struct xcbc_tfm_ctx *ctx = crypto_shash_ctx(parent); - int bs = crypto_shash_blocksize(parent); u8 *consts = PTR_ALIGN(&ctx->ctx[0], alignmask + 1); int err = 0; - u8 key1[bs]; + u8 key1[XCBC_BLOCKSIZE]; + int bs = sizeof(key1); if ((err = crypto_cipher_setkey(ctx->child, inkey, keylen))) return err;
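Review bot: In crypto_xcbc_digest_setkey(), bs is now taken from sizeof(key1) rather than crypto_shash_blocksize(parent), so the function is only correct while instantiation rejects every block size other than 16, and nothing at this site says so. The description mentions an added sanity check, but the visible change adds none here; suggest a short comment at the XCBC_BLOCKSIZE define naming the instantiation-time check it depends on, or rewording the description.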
@@ -212,7 +214,7 @@ static int xcbc_create(struct crypto_template *tmpl, struct rtattr **tb) return PTR_ERR(alg); switch(alg->cra_blocksize) { - case 16: + case XCBC_BLOCKSIZE: break; default: goto out_put_alg;
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:45 -0700
Message-Id: <20180802225152.19194-3-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu , linux-kernel@vger.kernel.org, Kees Cook , Mike Snitzer , Ard Biesheuvel , Rasmus Villemoes , Tudor-Dan Ambarus , Will Deacon , Matthew Wilcox , Arnd Bergmann , "David S.
Miller" , dm-devel@redhat.com, Geert Uytterhoeven , David Woodhouse , qat-linux@intel.com, Andrew Morton , Thomas Gleixner , Alasdair Kergon , linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 2/9] crypto: cbc: Remove VLA usage

In the quest to remove all stack VLA usage from the kernel[1], this uses the upper bounds on blocksize. Since this is always a cipher blocksize, use the existing cipher max blocksize.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- include/crypto/cbc.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h index f5b8bfc22e6d..47db0aac2ab9 100644 --- a/include/crypto/cbc.h +++ b/include/crypto/cbc.h
@@ -113,7 +113,9 @@ static inline int crypto_cbc_decrypt_inplace( unsigned int bsize = crypto_skcipher_blocksize(tfm); unsigned int nbytes = walk->nbytes; u8 *src = walk->src.virt.addr; - u8 last_iv[bsize]; + u8 last_iv[MAX_CIPHER_BLOCKSIZE]; + + BUG_ON(bsize > sizeof(last_iv)); /* Start of the last block. */ src += nbytes - (nbytes & (bsize - 1)) - bsize;
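Review bot: The BUG_ON(bsize > sizeof(last_iv)) added to crypto_cbc_decrypt_inplace() sits in the per-request decrypt path and halts the kernel for a property of the algorithm that does not change between requests. Suggest rejecting block sizes above MAX_CIPHER_BLOCKSIZE where the cipher is registered or the template instantiated, and, if a check stays here, using WARN_ON_ONCE() with an error return instead.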
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:46 -0700
Message-Id: <20180802225152.19194-4-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu , linux-kernel@vger.kernel.org, Kees Cook , Mike Snitzer , Ard Biesheuvel , Rasmus Villemoes , Tudor-Dan Ambarus , Will Deacon , Matthew Wilcox , Arnd Bergmann , "David S. Miller" , dm-devel@redhat.com, Geert Uytterhoeven , David Woodhouse , qat-linux@intel.com, Andrew Morton , Thomas Gleixner , Alasdair Kergon , linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 3/9] crypto: ccm: Remove VLA usage
From: Ard Biesheuvel

In the quest to remove all stack VLA usage from the kernel[1], this drops AHASH_REQUEST_ON_STACK by preallocating the ahash request area combined with the skcipher area (which are not used at the same time).

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Ard Biesheuvel
Signed-off-by: Kees Cook
--- crypto/ccm.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/crypto/ccm.c b/crypto/ccm.c index 0a083342ec8c..b242fd0d3262 100644 --- a/crypto/ccm.c +++ b/crypto/ccm.c @@ -50,7 +50,10 @@ struct crypto_ccm_req_priv_ctx { u32 flags; struct scatterlist src[3]; struct scatterlist dst[3]; - struct skcipher_request skreq; + union { + struct ahash_request ahreq; + struct skcipher_request skreq; + }; }; struct cbcmac_tfm_ctx { @@ -181,7 +184,7 @@ static int crypto_ccm_auth(struct aead_request *req, struct scatterlist *plain, struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); struct crypto_aead *aead = crypto_aead_reqtfm(req); struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); - AHASH_REQUEST_ON_STACK(ahreq, ctx->mac); + struct ahash_request *ahreq = &pctx->ahreq; unsigned int assoclen = req->assoclen; struct scatterlist sg[3]; u8 *odata = pctx->odata;
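Review bot: In crypto_ccm_auth(), ahreq now points into the same storage as pctx->skreq through the anonymous union, so the hash request is only safe while no skcipher request built in pctx is still in use, and the code carries no statement of that. The description says the two areas are not used at the same time; suggest putting that as a one-line comment on the union in struct crypto_ccm_req_priv_ctx so a later change that overlaps the two is caught in review.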
@@ -427,7 +430,7 @@ static int crypto_ccm_init_tfm(struct crypto_aead *tfm) crypto_aead_set_reqsize( tfm, align + sizeof(struct crypto_ccm_req_priv_ctx) + - crypto_skcipher_reqsize(ctr)); + max(crypto_ahash_reqsize(mac), crypto_skcipher_reqsize(ctr))); return 0;
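Review bot: The max(crypto_ahash_reqsize(mac), crypto_skcipher_reqsize(ctr)) term in crypto_ccm_init_tfm() is sufficient only while the union of ahreq and skreq remains the last member of struct crypto_ccm_req_priv_ctx, since the per-request context of whichever request is active extends past the end of the struct into this extra space. Suggest a comment at the union stating that it must stay last, so a field appended after it later does not get overwritten by the request context.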
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:47 -0700
Message-Id: <20180802225152.19194-5-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu , linux-kernel@vger.kernel.org, Kees Cook , Mike Snitzer , Ard Biesheuvel , Rasmus Villemoes , Tudor-Dan Ambarus , Will Deacon , Matthew Wilcox , Arnd Bergmann , "David S.
Miller" , dm-devel@redhat.com, Geert Uytterhoeven , David Woodhouse , qat-linux@intel.com, Andrew Morton , Thomas Gleixner , Alasdair Kergon , linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 4/9] crypto: hash: Remove VLA usage

In the quest to remove all stack VLA usage from the kernel[1], this removes the VLAs in SHASH_DESC_ON_STACK (via crypto_shash_descsize()) by using the maximum allowable size (which is now more clearly captured in a macro), along with a few other cases. Similar limits are turned into macros as well.

A review of existing sizes shows that SHA512_DIGEST_SIZE (64) is the largest digest size and that sizeof(struct sha3_state) (360) is the largest descriptor size. The corresponding maximums are reduced.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- crypto/ahash.c | 4 ++-- crypto/algif_hash.c | 2 +- crypto/shash.c | 6 +++--- include/crypto/hash.h | 6 +++++- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/crypto/ahash.c b/crypto/ahash.c index a64c143165b1..78aaf2158c43 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c
@@ -550,8 +550,8 @@ static int ahash_prepare_alg(struct ahash_alg *alg) { struct crypto_alg *base = &alg->halg.base; - if (alg->halg.digestsize > PAGE_SIZE / 8 || - alg->halg.statesize > PAGE_SIZE / 8 || + if (alg->halg.digestsize > HASH_MAX_DIGESTSIZE || + alg->halg.statesize > HASH_MAX_STATESIZE || alg->halg.statesize == 0) return -EINVAL; diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c index bfcf595fd8f9..d0cde541beb6 100644 --- a/crypto/algif_hash.c +++ b/crypto/algif_hash.c @@ -239,7 +239,7 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags, struct alg_sock *ask = alg_sk(sk); struct hash_ctx *ctx = ask->private; struct ahash_request *req = &ctx->req; - char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req)) ? : 1]; + char state[HASH_MAX_STATESIZE]; struct sock *sk2; struct alg_sock *ask2; struct hash_ctx *ctx2; diff --git a/crypto/shash.c b/crypto/shash.c index 5d732c6bb4b2..86d76b5c626c 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -458,9 +458,9 @@ static int shash_prepare_alg(struct shash_alg *alg) { struct crypto_alg *base = &alg->base; - if (alg->digestsize > PAGE_SIZE / 8 || - alg->descsize > PAGE_SIZE / 8 || - alg->statesize > PAGE_SIZE / 8) + if (alg->digestsize > HASH_MAX_DIGESTSIZE || + alg->descsize > HASH_MAX_DESCSIZE || + alg->statesize > HASH_MAX_STATESIZE) return -EINVAL; base->cra_type = &crypto_shash_type; diff --git a/include/crypto/hash.h b/include/crypto/hash.h index 76e432cab75d..21587011ab0f 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h 
@@ -151,9 +151,13 @@ struct shash_desc { void *__ctx[] CRYPTO_MINALIGN_ATTR; }; +#define HASH_MAX_DIGESTSIZE 64 +#define HASH_MAX_DESCSIZE 360 +#define HASH_MAX_STATESIZE 512 + #define SHASH_DESC_ON_STACK(shash, ctx) \ char __##shash##_desc[sizeof(struct shash_desc) + \ - crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \ + HASH_MAX_DESCSIZE] CRYPTO_MINALIGN_ATTR; \ struct shash_desc *shash = (struct shash_desc *)__##shash##_desc /**
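Review bot: The three new limits in include/crypto/hash.h are bare numbers with no comment, and HASH_MAX_STATESIZE 512 is not explained anywhere, while the description only accounts for 64 (SHA512_DIGEST_SIZE) and 360 (sizeof(struct sha3_state)). Suggest a comment above the defines naming the algorithm each value comes from, so whoever adds a larger hash knows which constant to raise. The ctx argument of SHASH_DESC_ON_STACK is also no longer referenced in the macro body, which deserves a mention in its documentation.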
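Review bot: In hash_accept() in crypto/algif_hash.c, state[] becomes a fixed HASH_MAX_STATESIZE buffer on the stack, and it is large enough only because ahash_prepare_alg() and shash_prepare_alg() now reject a statesize above the same constant. Suggest a one-line comment at the declaration pointing to those registration checks, so the buffer size and the limit are not changed independently.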
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:48 -0700
Message-Id: <20180802225152.19194-6-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu, linux-kernel@vger.kernel.org, Kees Cook, Mike Snitzer, Ard Biesheuvel, Rasmus Villemoes, Tudor-Dan Ambarus, Will Deacon, Matthew Wilcox, Arnd Bergmann, "David S.
Miller", dm-devel@redhat.com, Geert Uytterhoeven, David Woodhouse, qat-linux@intel.com, Andrew Morton, Thomas Gleixner, Alasdair Kergon, linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 5/9] dm: Remove VLA usage from hashes

In the quest to remove all stack VLA usage from the kernel[1], this uses the new HASH_MAX_DIGESTSIZE from the crypto layer to allocate the upper bounds on stack usage.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- drivers/md/dm-integrity.c | 23 +++++++++++++++++------ drivers/md/dm-verity-fec.c | 5 ++++- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/drivers/md/dm-integrity.c b/drivers/md/dm-integrity.c index 86438b2f10dd..884edd7cf1d0 100644 --- a/drivers/md/dm-integrity.c +++ b/drivers/md/dm-integrity.c @@ -521,7 +521,12 @@ static void section_mac(struct dm_integrity_c *ic, unsigned section, __u8 result } memset(result + size, 0, JOURNAL_MAC_SIZE - size); } else { - __u8 digest[size]; + __u8 digest[HASH_MAX_DIGESTSIZE]; + + if (WARN_ON(size > sizeof(digest))) { + dm_integrity_io_error(ic, "digest_size", -EINVAL); + goto err; + } r = crypto_shash_final(desc, digest); if (unlikely(r)) { dm_integrity_io_error(ic, "crypto_shash_final", r);
@@ -1244,7 +1249,7 @@ static void integrity_metadata(struct work_struct *w) struct bio *bio = dm_bio_from_per_bio_data(dio, sizeof(struct dm_integrity_io)); char *checksums; unsigned extra_space = unlikely(digest_size > ic->tag_size) ? digest_size - ic->tag_size : 0; - char checksums_onstack[ic->tag_size + extra_space]; + char checksums_onstack[HASH_MAX_DIGESTSIZE]; unsigned sectors_to_process = dio->range.n_sectors; sector_t sector = dio->range.logical_sector; @@ -1253,8 +1258,14 @@ static void integrity_metadata(struct work_struct *w) checksums = kmalloc((PAGE_SIZE >> SECTOR_SHIFT >> ic->sb->log2_sectors_per_block) * ic->tag_size + extra_space, GFP_NOIO | __GFP_NORETRY | __GFP_NOWARN); - if (!checksums) + if (!checksums) { checksums = checksums_onstack; + if (WARN_ON(extra_space && + digest_size > sizeof(checksums_onstack))) { + r = -EINVAL; + goto error; + } + } __bio_for_each_segment(bv, bio, iter, dio->orig_bi_iter) { unsigned pos; @@ -1466,7 +1477,7 @@ static bool __journal_read_write(struct dm_integrity_io *dio, struct bio *bio, } while (++s < ic->sectors_per_block); #ifdef INTERNAL_VERIFY if (ic->internal_hash) { - char checksums_onstack[max(crypto_shash_digestsize(ic->internal_hash), ic->tag_size)]; + char checksums_onstack[max(HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE)]; integrity_sector_checksum(ic, logical_sector, mem + bv.bv_offset, checksums_onstack); if (unlikely(memcmp(checksums_onstack, journal_entry_tag(ic, je), ic->tag_size))) { @@ -1516,7 +1527,7 @@ static bool __journal_read_write(struct dm_integrity_io *dio, struct bio *bio, if (ic->internal_hash) { unsigned digest_size = crypto_shash_digestsize(ic->internal_hash); if (unlikely(digest_size > ic->tag_size)) { - char checksums_onstack[digest_size]; + char checksums_onstack[HASH_MAX_DIGESTSIZE]; integrity_sector_checksum(ic, logical_sector, (char *)js, checksums_onstack); memcpy(journal_entry_tag(ic, je), checksums_onstack, ic->tag_size); } else 
@@ -1937,7 +1948,7 @@ static void do_journal_write(struct dm_integrity_c *ic, unsigned write_start, unlikely(from_replay) && #endif ic->internal_hash) { - char test_tag[max(crypto_shash_digestsize(ic->internal_hash), ic->tag_size)]; + char test_tag[max_t(size_t, HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE)]; integrity_sector_checksum(ic, sec + ((l - j) << ic->sb->log2_sectors_per_block), (char *)access_journal_data(ic, i, l), test_tag); diff --git a/drivers/md/dm-verity-fec.c b/drivers/md/dm-verity-fec.c index 684af08d0747..0ce04e5b4afb 100644 --- a/drivers/md/dm-verity-fec.c +++ b/drivers/md/dm-verity-fec.c 
@@ -212,12 +212,15 @@ static int fec_read_bufs(struct dm_verity *v, struct dm_verity_io *io, struct dm_verity_fec_io *fio = fec_io(io); u64 block, ileaved; u8 *bbuf, *rs_block; - u8 want_digest[v->digest_size]; + u8 want_digest[HASH_MAX_DIGESTSIZE]; unsigned n, k; if (neras) *neras = 0; + if (WARN_ON(v->digest_size > sizeof(want_digest))) + return -EINVAL; + /* * read each of the rsn data blocks that are part of the RS block, and * interleave contents to available bufs
From patchwork Thu Aug 2 22:51:49 2018 X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10554295 X-Patchwork-Delegate: snitzer@redhat.com
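Review bot: In the integrity_metadata() hunks of drivers/md/dm-integrity.c, the kmalloc() fallback is only checked when extra_space is non-zero, but the old VLA was ic->tag_size + extra_space bytes and its replacement is HASH_MAX_DIGESTSIZE bytes. When digest_size <= ic->tag_size the fallback buffer must still hold ic->tag_size bytes, and the journal hunks in this same patch size their buffers with max(HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE), which suggests tag_size can exceed HASH_MAX_DIGESTSIZE. Size checksums_onstack the same way here, or extend the WARN_ON to cover ic->tag_size > sizeof(checksums_onstack).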
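Review bot: The two journal buffers in dm-integrity.c spell the same bound differently: checksums_onstack in __journal_read_write() uses max(HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE) while test_tag in do_journal_write() uses max_t(size_t, HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE). Use one form for both. The max() use sits under #ifdef INTERNAL_VERIFY, so check that it compiles with that symbol defined before settling on it.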
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:49 -0700
Message-Id: <20180802225152.19194-7-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu, linux-kernel@vger.kernel.org, Kees Cook, Mike Snitzer, Ard Biesheuvel, Rasmus Villemoes, Tudor-Dan Ambarus, Will Deacon, Matthew Wilcox, Arnd Bergmann, "David S.
Miller", dm-devel@redhat.com, Geert Uytterhoeven, David Woodhouse, qat-linux@intel.com, Andrew Morton, Thomas Gleixner, Alasdair Kergon, linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 6/9] crypto alg: Introduce generic max blocksize and alignmask

In the quest to remove all stack VLA usage from the kernel[1], this exposes a new general upper bound on crypto blocksize and alignmask (higher than for the existing cipher limits) for VLA removal, and introduces new checks.

At present, the highest cra_alignmask in the kernel is 63. The highest cra_blocksize is 144 (SHA3_224_BLOCK_SIZE, 18 8-byte words). For the new blocksize limit, I went with 160 (20 8-byte words).

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- crypto/algapi.c | 7 ++++++- include/crypto/algapi.h | 4 +++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/crypto/algapi.c b/crypto/algapi.c index c0755cf4f53f..496fc51bf215 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c
@@ -57,9 +57,14 @@ static int crypto_check_alg(struct crypto_alg *alg) if (alg->cra_alignmask & (alg->cra_alignmask + 1)) return -EINVAL; - if (alg->cra_blocksize > PAGE_SIZE / 8) + /* General maximums for all algs. */ + if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK) return -EINVAL; + if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE) + return -EINVAL; + + /* Lower maximums for specific alg types. */ if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK) diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index bd5e8ccf1687..21371ac8f355 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h 
@@ -20,8 +20,10 @@ /* * Maximum values for blocksize and alignmask, used to allocate * static buffers that are big enough for any combination of - * ciphers and architectures. + * algs and architectures. Ciphers have a lower maximum size. */ +#define MAX_ALGAPI_BLOCKSIZE 160 +#define MAX_ALGAPI_ALIGNMASK 63 #define MAX_CIPHER_BLOCKSIZE 16 #define MAX_CIPHER_ALIGNMASK 15
From patchwork Thu Aug 2 22:51:50 2018 X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10554299 X-Patchwork-Delegate: snitzer@redhat.com
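Review bot: The reasoning behind MAX_ALGAPI_BLOCKSIZE 160 and MAX_ALGAPI_ALIGNMASK 63 is only in the commit message (largest cra_blocksize 144 for SHA3_224_BLOCK_SIZE, largest cra_alignmask 63), while the comment above the defines in include/crypto/algapi.h just says the buffers are big enough for any combination of algs. Put the current maxima in that comment, and note there that the alignmask limit has no headroom where the blocksize limit has 16 bytes, so crypto_check_alg() will return -EINVAL for any algorithm registered with an alignmask above 63.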
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:50 -0700
Message-Id: <20180802225152.19194-8-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu, linux-kernel@vger.kernel.org, Kees Cook, Mike Snitzer, Ard Biesheuvel, Rasmus Villemoes, Tudor-Dan Ambarus, Will Deacon, Matthew Wilcox, Arnd Bergmann, "David S.
Miller", dm-devel@redhat.com, Geert Uytterhoeven, David Woodhouse, qat-linux@intel.com, Andrew Morton, Thomas Gleixner, Alasdair Kergon, linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 7/9] crypto: qat: Remove VLA usage

In the quest to remove all stack VLA usage from the kernel[1], this uses the new upper bound for the stack buffer. Also adds a sanity check.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- drivers/crypto/qat/qat_common/qat_algs.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c index 1138e41d6805..a28edf7b792f 100644 --- a/drivers/crypto/qat/qat_common/qat_algs.c +++ b/drivers/crypto/qat/qat_common/qat_algs.c @@ -153,8 +153,8 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, struct sha512_state sha512; int block_size = crypto_shash_blocksize(ctx->hash_tfm); int digest_size = crypto_shash_digestsize(ctx->hash_tfm); - char ipad[block_size]; - char opad[block_size]; + char ipad[MAX_ALGAPI_BLOCKSIZE]; + char opad[MAX_ALGAPI_BLOCKSIZE]; __be32 *hash_state_out; __be64 *hash512_state_out; int i, offset;
@@ -164,6 +164,10 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, shash->tfm = ctx->hash_tfm; shash->flags = 0x0; + if (WARN_ON(block_size > sizeof(ipad) || + sizeof(ipad) != sizeof(opad))) + return -EINVAL; + if (auth_keylen > block_size) { int ret = crypto_shash_digest(shash, auth_key, auth_keylen, ipad);
From patchwork Thu Aug 2 22:51:51 2018 X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10556089 X-Patchwork-Delegate: snitzer@redhat.com
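Review bot: In qat_alg_do_precomputes(), the sizeof(ipad) != sizeof(opad) half of the WARN_ON compares two arrays that are both declared as char [MAX_ALGAPI_BLOCKSIZE], so it is a compile-time constant that can never be true at run time. Either drop it or express it as a BUILD_BUG_ON, and keep the run-time WARN_ON for block_size > sizeof(ipad) only.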
From: Kees Cook
To: Herbert Xu
Date: Thu, 2 Aug 2018 15:51:51 -0700
Message-Id: <20180802225152.19194-9-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Cc: Giovanni Cabiddu, linux-kernel@vger.kernel.org, Kees Cook, Mike Snitzer, Ard Biesheuvel, Rasmus Villemoes, Tudor-Dan Ambarus, Will Deacon, Matthew Wilcox, Arnd Bergmann, "David S.
Miller", dm-devel@redhat.com, Geert Uytterhoeven, David Woodhouse, qat-linux@intel.com, Andrew Morton, Thomas Gleixner, Alasdair Kergon, linux-crypto@vger.kernel.org
Subject: [dm-devel] [PATCH v7 8/9] crypto: shash: Remove VLA usage in unaligned hashing

In the quest to remove all stack VLA usage from the kernel[1], this uses the newly defined max alignment to perform unaligned hashing to avoid VLAs, and drops the helper function while adding sanity checks on the resulting buffer sizes. Additionally, the __aligned_largest macro is removed since this helper was the only user.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook
--- crypto/shash.c | 27 ++++++++++++++++----------- include/linux/compiler-gcc.h | 1 - 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/crypto/shash.c b/crypto/shash.c index 86d76b5c626c..d21f04d70dce 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -73,13 +73,6 @@ int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, } EXPORT_SYMBOL_GPL(crypto_shash_setkey); -static inline unsigned int shash_align_buffer_size(unsigned len, - unsigned long mask) -{ - typedef u8 __aligned_largest u8_aligned; - return len + (mask & ~(__alignof__(u8_aligned) - 1)); -} - static int shash_update_unaligned(struct shash_desc *desc, const u8 *data, unsigned int len) {
@@ -88,11 +81,17 @@ static int shash_update_unaligned(struct shash_desc *desc, const u8 *data, unsigned long alignmask = crypto_shash_alignmask(tfm); unsigned int unaligned_len = alignmask + 1 - ((unsigned long)data & alignmask); - u8 ubuf[shash_align_buffer_size(unaligned_len, alignmask)] - __aligned_largest; + /* + * We cannot count on __aligned() working for large values: + * https://patchwork.kernel.org/patch/9507697/ + */ + u8 ubuf[MAX_ALGAPI_ALIGNMASK * 2]; u8 *buf = PTR_ALIGN(&ubuf[0], alignmask + 1); int err; + if (WARN_ON(buf + unaligned_len > ubuf + sizeof(ubuf))) + return -EINVAL; + if (unaligned_len > len) unaligned_len = len; @@ -124,11 +123,17 @@ static int shash_final_unaligned(struct shash_desc *desc, u8 *out) unsigned long alignmask = crypto_shash_alignmask(tfm); struct shash_alg *shash = crypto_shash_alg(tfm); unsigned int ds = crypto_shash_digestsize(tfm); - u8 ubuf[shash_align_buffer_size(ds, alignmask)] - __aligned_largest; + /* + * We cannot count on __aligned() working for large values: + * https://patchwork.kernel.org/patch/9507697/ + */ + u8 ubuf[MAX_ALGAPI_ALIGNMASK + HASH_MAX_DIGESTSIZE]; u8 *buf = PTR_ALIGN(&ubuf[0], alignmask + 1); int err; + if (WARN_ON(buf + ds > ubuf + sizeof(ubuf))) + return -EINVAL; + err = shash->final(desc, buf); if (err) goto out; diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index f1a7492a5cc8..1f1cdef36a82 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h 
@@ -125,7 +125,6 @@ */ #define __pure __attribute__((pure)) #define __aligned(x) __attribute__((aligned(x))) -#define __aligned_largest __attribute__((aligned)) #define __printf(a, b) __attribute__((format(printf, a, b))) #define __scanf(a, b) __attribute__((format(scanf, a, b))) #define __attribute_const__ __attribute__((__const__)) From patchwork Thu Aug 2 22:51:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10556087 X-Patchwork-Delegate: snitzer@redhat.com Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6E92914E2 for ; Sun, 5 Aug 2018 08:51:34 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5E78329913 for ; Sun, 5 Aug 2018 08:51:34 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 525A629916; Sun, 5 Aug 2018 08:51:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id EA59529913 for ; Sun, 5 Aug 2018 08:51:33 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8AB43307DA3E; Sun, 5 Aug 2018 08:51:32 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by 
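Review bot: in the shash_update_unaligned() hunk of crypto/shash.c, `u8 ubuf[MAX_ALGAPI_ALIGNMASK * 2]` leaves no slack for the case where `data` is already aligned. In that case `unaligned_len` is `alignmask + 1`, PTR_ALIGN() can place `buf` up to `alignmask` bytes into `ubuf`, and with `alignmask` equal to MAX_ALGAPI_ALIGNMASK the sum is one byte more than `sizeof(ubuf)`, so whether the new WARN_ON trips would depend on where the stack happens to put `ubuf`. If this function is only ever reached with unaligned `data`, say so in the comment above the array; otherwise size it `MAX_ALGAPI_ALIGNMASK * 2 + 1`. The check also runs before `unaligned_len` is clamped to `len`, which is the conservative order and worth a word in the same comment.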
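Review bot: the comment above `ubuf` in the shash_final_unaligned() hunk, repeated verbatim from shash_update_unaligned(), explains the fixed-size buffer only by a patchwork URL. Summarize in one sentence why __aligned() cannot be relied on for large values, and state the sizing rule (worst-case PTR_ALIGN() offset plus HASH_MAX_DIGESTSIZE) so that `WARN_ON(buf + ds > ubuf + sizeof(ubuf))` can be checked against it without following the link. Since the check runs on every final call, WARN_ON_ONCE would keep a failing case from flooding the log.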
From: Kees Cook To: Herbert Xu Date: Thu, 2 Aug 2018 15:51:52 -0700 Message-Id: <20180802225152.19194-10-keescook@chromium.org> In-Reply-To: <20180802225152.19194-1-keescook@chromium.org> References: <20180802225152.19194-1-keescook@chromium.org> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Thu, 02 Aug 2018 22:52:05 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Thu, 02 Aug 2018 22:52:05 +0000 (UTC) for IP:'209.85.215.194' DOMAIN:'mail-pg1-f194.google.com' HELO:'mail-pg1-f194.google.com' FROM:'keescook@chromium.org' RCPT:'' X-RedHat-Spam-Score: -0.131 (DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_PASS) 209.85.215.194 mail-pg1-f194.google.com 209.85.215.194 mail-pg1-f194.google.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.39 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: dm-devel@redhat.com Cc: Giovanni Cabiddu , linux-kernel@vger.kernel.org, Kees Cook , Mike Snitzer , Ard Biesheuvel , Rasmus Villemoes , Tudor-Dan Ambarus , Will Deacon , Matthew Wilcox , Arnd Bergmann , "David S. 
Miller" , dm-devel@redhat.com, Geert Uytterhoeven , David Woodhouse , qat-linux@intel.com, Andrew Morton , Thomas Gleixner , Alasdair Kergon , linux-crypto@vger.kernel.org Subject: [dm-devel] [PATCH v7 9/9] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: dm-devel-bounces@redhat.com Errors-To: dm-devel-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Sun, 05 Aug 2018 08:51:33 +0000 (UTC) X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this caps the skcipher request size similar to other limits and adds a sanity check at registration. Looking at instrumented tcrypt output, the largest is for lrw: crypt: testing lrw(aes) crypto_skcipher_set_reqsize: 8 crypto_skcipher_set_reqsize: 88 crypto_skcipher_set_reqsize: 472 [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- include/crypto/internal/skcipher.h | 1 + include/crypto/skcipher.h | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/include/crypto/internal/skcipher.h b/include/crypto/internal/skcipher.h index e42f7063f245..5035482cbe68 100644 --- a/include/crypto/internal/skcipher.h +++ b/include/crypto/internal/skcipher.h @@ -130,6 +130,7 @@ static inline struct crypto_skcipher *crypto_spawn_skcipher( static inline void crypto_skcipher_set_reqsize( struct crypto_skcipher *skcipher, unsigned int reqsize) { + BUG_ON(reqsize > SKCIPHER_MAX_REQSIZE); skcipher->reqsize = reqsize; } diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h index 2f327f090c3e..c48e194438cf 100644 --- a/include/crypto/skcipher.h 
+++ b/include/crypto/skcipher.h @@ -139,9 +139,11 @@ struct skcipher_alg { struct crypto_alg base; }; +#define SKCIPHER_MAX_REQSIZE 472 + #define SKCIPHER_REQUEST_ON_STACK(name, tfm) \ char __##name##_desc[sizeof(struct skcipher_request) + \ - crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR; \ + SKCIPHER_MAX_REQSIZE] CRYPTO_MINALIGN_ATTR; \ struct skcipher_request *name = (void *)__##name##_desc /**
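Review bot: `BUG_ON(reqsize > SKCIPHER_MAX_REQSIZE)` in crypto_skcipher_set_reqsize() (include/crypto/internal/skcipher.h) takes the whole machine down when an implementation asks for a larger request context, which is a heavy response to what the commit message calls a sanity check at registration. Because the function returns void it cannot report the error; consider letting it return int so the caller's init path can fail cleanly, or at least use WARN_ON and document above the function that callers must stay within SKCIPHER_MAX_REQSIZE.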
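Review bot: `#define SKCIPHER_MAX_REQSIZE 472` in include/crypto/skcipher.h has no comment saying where 472 comes from. The commit message gives the origin (the largest value seen in instrumented tcrypt output, for lrw(aes)); that belongs next to the define so that whoever adds a larger user knows what to re-measure. After this change SKCIPHER_REQUEST_ON_STACK reserves `sizeof(struct skcipher_request) + SKCIPHER_MAX_REQSIZE` bytes of stack for every user, and the `tfm` argument no longer appears in the visible macro body; both points deserve a line in the macro's documentation.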