From patchwork Tue Aug 7 21:18:35 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559213 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8A0C914E2 for ; Tue, 7 Aug 2018 21:19:28 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7A51C2A5F7 for ; Tue, 7 Aug 2018 21:19:28 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6E3F92A5FB; Tue, 7 Aug 2018 21:19:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 126362A5F7 for ; Tue, 7 Aug 2018 21:19:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727108AbeHGXfK (ORCPT ); Tue, 7 Aug 2018 19:35:10 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:33681 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726991AbeHGXfJ (ORCPT ); Tue, 7 Aug 2018 19:35:09 -0400 Received: by mail-pg1-f195.google.com with SMTP id r5-v6so48996pgv.0 for ; Tue, 07 Aug 2018 14:18:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=4w4IN2J6dONrrlVeO1+L0Kz9qBIwIaC7ttYkBFQeQFw=; b=g5V/+UNGYEfT8p5zd7CvV11zi8FsLPtOPGoByy0g0pK9yXQXBq6BBwKQ/BitwRJ/Kx NtQyPpWFPVCZBQdL7upAG2e+jOOdzhKhQwj54mO+9G0XvrNxFqqH0kwxOL6a8PeBgRhp hRdbvwuLOmZJGN1L98PblisEO6fQtcOtYkGdI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=4w4IN2J6dONrrlVeO1+L0Kz9qBIwIaC7ttYkBFQeQFw=; b=saq9bQ7f62X4i8eW1KsvM2Vv2o93thrEqetmugyQie2yIYyfFIGs8t88M1Bw+IoLUB En70yaIYEnh4mtLu/FaZCwdbClXcOqSSkmeyQZLuPZGHROvf1Zt2Q9sP1+qN/ElFwwfe Hrodmg4Lh9jjtHbFG5T7AFIl/TgbezFbmEcWF1gT2cohftY1kGiS9tM5BUDbtnyuzEkb OpdQXg2cSanLHgucqY9OsK0X2vYOQRRY8wNY80vbicHAwi5Fx+nqx9Q0icq+ocJmieLP VpKDErH0IIklLkcvDnXDUn2hARrixiFCbDNNoY/yKxzYE1JBO5H4JgjYhEvP6MlXkPua cLIw== X-Gm-Message-State: AOUpUlFSIoD21WOiELajh7YxhZrVHWsh+hxFe+g9zu2coWTIhJNfMXpM FiavGnrTtCjUwGi+M4ytI36b1Q== X-Google-Smtp-Source: AA+uWPweDT2px86p8FFXqoIHaMyvhT4hpp8xN9sY+uAYcGDk96DSBalzVK9wUIRp5OZbYyOZWY1KbA== X-Received: by 2002:a62:c00c:: with SMTP id x12-v6mr86359pff.216.1533676730040; Tue, 07 Aug 2018 14:18:50 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id o3-v6sm2262323pgp.3.2018.08.07.14.18.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:46 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 1/9] crypto: xcbc: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:35 -0700 Message-Id: <20180807211843.47586-2-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this uses the maximum blocksize and adds a sanity check. For xcbc, the blocksize must always be 16, so use that, since it's already being enforced during instantiation. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- crypto/xcbc.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/crypto/xcbc.c b/crypto/xcbc.c index 25c75af50d3f..c055f57fab11 100644 --- a/crypto/xcbc.c +++ b/crypto/xcbc.c @@ -57,15 +57,17 @@ struct xcbc_desc_ctx { u8 ctx[]; }; +#define XCBC_BLOCKSIZE 16 + static int crypto_xcbc_digest_setkey(struct crypto_shash *parent, const u8 *inkey, unsigned int keylen) { unsigned long alignmask = crypto_shash_alignmask(parent); struct xcbc_tfm_ctx *ctx = crypto_shash_ctx(parent); - int bs = crypto_shash_blocksize(parent); u8 *consts = PTR_ALIGN(&ctx->ctx[0], alignmask + 1); int err = 0; - u8 key1[bs]; + u8 key1[XCBC_BLOCKSIZE]; + int bs = sizeof(key1); if ((err = crypto_cipher_setkey(ctx->child, inkey, keylen))) return err; @@ -212,7 +214,7 @@ static int xcbc_create(struct crypto_template *tmpl, struct rtattr **tb) return PTR_ERR(alg); switch(alg->cra_blocksize) { - case 16: + case XCBC_BLOCKSIZE: break; default: goto out_put_alg; From patchwork Tue Aug 7 21:18:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559215 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E1C531390 for ; Tue, 7 Aug 2018 21:19:32 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CE8B12A5F7 for ; Tue, 7 Aug 2018 21:19:32 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C220E2A5FB; Tue, 7 Aug 2018 21:19:32 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6647A2A5F7 for ; Tue, 7 Aug 2018 21:19:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726414AbeHGXfK (ORCPT ); Tue, 7 Aug 2018 19:35:10 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:46927 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727050AbeHGXfJ (ORCPT ); Tue, 7 Aug 2018 19:35:09 -0400 Received: by mail-pg1-f195.google.com with SMTP id f14-v6so19315pgv.13 for ; Tue, 07 Aug 2018 14:18:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=WKSfBoqqmwqW/7rTlYhIb2ASSav+oo5lfeHmCUUrk2I=; b=fRu17USj+VPtv3LEav9XxzknEFCskBJejbyi2YND9LHOBQC1cXwpSyhPgP+p3zOZgW WtBRKFmxTa4aGNJ9jKD7ItSWb6JKRGET9Pj++1oyH52TfO4HmQDANXNaN/gwXx8xahGX PWyhfcS99/Lh9FNkIh3SwqPAw+kR0t4yWDhEE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=WKSfBoqqmwqW/7rTlYhIb2ASSav+oo5lfeHmCUUrk2I=; b=lhcP3DgkzuxwawIgrKcZZLvuai+SsMI1NURESRWd5YSeePeq03U4vzT6TrVpFaimE+ EhKl+vkyYLJ4/8Fw/AnQM131QI8KCU1CLQhFciqyaxPBpGTCsTWnZ7F0XDGgy0ljEw+P C8MFgIWJNihk4YjUxgKbZZo6UHQMxLwhrcqf+tsLRG31G37gVL87tSpLSQ7OKGe7IJ5b biJ16d15JUg8hRDbpb0n6rKevrR31VAHXpQ8wF9EYCjqsMI1VqQffKa2oBmzSZEceoq5 EX1y5Pk1nboPgQ9SkUb8SuzoKGqScg4GBi/uW6e7bXjUnaMuK3aY0wn/gneQLKn4r97G ZL8A== X-Gm-Message-State: AOUpUlEjptjPzaK5XI4vZt5Z9xbHqAaQ9sDdbb30yghmyhpvRXuDmP2k +EWqoaCI//qSIuErfjI+6VMkXw== X-Google-Smtp-Source: AA+uWPyHehl2hGoOqA0NWSj3PgQvPdIYNMCpQkqgxVJpWVT0az2tRwqOzKUVxoyM+WRdlZ/GHZmZsw== X-Received: by 2002:a63:3444:: with SMTP id b65-v6mr74051pga.396.1533676730942; Tue, 07 Aug 2018 14:18:50 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id s66-v6sm2342549pgc.67.2018.08.07.14.18.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:46 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 2/9] crypto: cbc: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:36 -0700 Message-Id: <20180807211843.47586-3-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this uses the upper bounds on blocksize. Since this is always a cipher blocksize, use the existing cipher max blocksize. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- include/crypto/cbc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h index f5b8bfc22e6d..3bf28beefa33 100644 --- a/include/crypto/cbc.h +++ b/include/crypto/cbc.h @@ -113,7 +113,7 @@ static inline int crypto_cbc_decrypt_inplace( unsigned int bsize = crypto_skcipher_blocksize(tfm); unsigned int nbytes = walk->nbytes; u8 *src = walk->src.virt.addr; - u8 last_iv[bsize]; + u8 last_iv[MAX_CIPHER_BLOCKSIZE]; /* Start of the last block. */ src += nbytes - (nbytes & (bsize - 1)) - bsize; From patchwork Tue Aug 7 21:18:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559187 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 755F91390 for ; Tue, 7 Aug 2018 21:18:49 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 63A232A5F1 for ; Tue, 7 Aug 2018 21:18:49 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 550752A5F9; Tue, 7 Aug 2018 21:18:49 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F0C422A5F1 for ; Tue, 7 Aug 2018 21:18:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726628AbeHGXfG (ORCPT ); Tue, 7 Aug 2018 19:35:06 -0400 Received: from mail-pf1-f193.google.com ([209.85.210.193]:37415 "EHLO mail-pf1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726531AbeHGXfG (ORCPT ); Tue, 7 Aug 2018 19:35:06 -0400 Received: by mail-pf1-f193.google.com with SMTP id a26-v6so42927pfo.4 for ; Tue, 07 Aug 2018 14:18:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=cYqwOJ7ESFIZwb4gd+/rbe5MIJRsMeh+zsX7Pq9yPAY=; b=Zv2bO+EVmzrhlM21vJwiHRJYvGXpTVd9Hkfi2ozX4bgt1kgLyS4x69k84MZQAaFu5/ rVBPqEXFfYt+ujIFki/OJApGkEi+OiqVD8EtaQlq8fQAE6/sWtdNjk0Tlt1uJE7szewB Ll7wLkOdmIt/ZeTDS8XOyC0JeXjOxep+1Jlno= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=cYqwOJ7ESFIZwb4gd+/rbe5MIJRsMeh+zsX7Pq9yPAY=; b=NwRbc3D7LGky9785EG4d9AzRKqZjGhe7v6ArIf2OtHYeeRM1PgurHeShfcyDqF0+mQ gySoK5y51UST095o5OU3CaKPqDpMXAb3lAlpw1pbBXHUitgqek28lmy5VM+RYXw8ntc1 JvurZQ5iNOVXxZ7ohkgkEWk+Bcu/rpCndoiKIhnyCKJTOu+BDrepyHfQreeGGXvkrbkw 8MqCIOKnmjb8Z+u1ZnHXViX5dTBnIG8h1CVvp2D9yAycMvus1S/lBNvd3vK9Mn+1g9E7 bAb7JtC0TUuydD/94LcDFu1Hjmyb1rjqtzCXI4o7FKkL3vsj4idRRRqiWECLYC1eHpAO hYEw== X-Gm-Message-State: AOUpUlEC64+Y9z3VX76neEhwDRlbskbiMepw/ezbKYAamVQS+C8VrQGR bb7yiDEC8o664M1Hlgdtri3eVQ== X-Google-Smtp-Source: AA+uWPwI6gR03o6wXqR3s5ePfHIZtlWIz2JOu2KYxBWgqUu09/pueNIXYSRV2sMsshh5CODmT4qQug== X-Received: by 2002:a63:1c13:: with SMTP id c19-v6mr76678pgc.332.1533676727360; Tue, 07 Aug 2018 14:18:47 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id e126-v6sm5493576pfg.31.2018.08.07.14.18.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:46 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Ard Biesheuvel , Eric Biggers , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 3/9] crypto: ccm: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:37 -0700 Message-Id: <20180807211843.47586-4-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Ard Biesheuvel In the quest to remove all stack VLA usage from the kernel[1], this drops AHASH_REQUEST_ON_STACK by preallocating the ahash request area combined with the skcipher area (which are not used at the same time). [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Ard Biesheuvel Signed-off-by: Kees Cook --- crypto/ccm.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/crypto/ccm.c b/crypto/ccm.c index 0a083342ec8c..b242fd0d3262 100644 --- a/crypto/ccm.c +++ b/crypto/ccm.c @@ -50,7 +50,10 @@ struct crypto_ccm_req_priv_ctx { u32 flags; struct scatterlist src[3]; struct scatterlist dst[3]; - struct skcipher_request skreq; + union { + struct ahash_request ahreq; + struct skcipher_request skreq; + }; }; struct cbcmac_tfm_ctx { @@ -181,7 +184,7 @@ static int crypto_ccm_auth(struct aead_request *req, struct scatterlist *plain, struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req); struct crypto_aead *aead = crypto_aead_reqtfm(req); struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead); - AHASH_REQUEST_ON_STACK(ahreq, ctx->mac); + struct ahash_request *ahreq = &pctx->ahreq; unsigned int assoclen = req->assoclen; struct scatterlist sg[3]; u8 *odata = pctx->odata; @@ -427,7 +430,7 @@ static int crypto_ccm_init_tfm(struct crypto_aead *tfm) crypto_aead_set_reqsize( tfm, align + sizeof(struct crypto_ccm_req_priv_ctx) + - crypto_skcipher_reqsize(ctr)); + max(crypto_ahash_reqsize(mac), crypto_skcipher_reqsize(ctr))); return 0; From patchwork Tue Aug 7 21:18:38 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559219 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1099314E2 for ; Tue, 7 Aug 2018 21:19:42 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 017762A5F7 for ; Tue, 7 Aug 2018 21:19:42 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E997D2A5FB; Tue, 7 Aug 2018 21:19:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9482B2A5F7 for ; Tue, 7 Aug 2018 21:19:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726996AbeHGXfI (ORCPT ); Tue, 7 Aug 2018 19:35:08 -0400 Received: from mail-pf1-f193.google.com ([209.85.210.193]:35877 "EHLO mail-pf1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726979AbeHGXfH (ORCPT ); Tue, 7 Aug 2018 19:35:07 -0400 Received: by mail-pf1-f193.google.com with SMTP id b11-v6so44683pfo.3 for ; Tue, 07 Aug 2018 14:18:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=f6HZhbULuwp1ONQvXFzzLM5M+BCFj7xnBsodxU5HF/8=; b=AQHeD2EmOI4vzY7tE412tf3d4wZqk04hm56bZ/zFfnsovVcaoBMwGdDWkXviKDWyxJ ucqcMKo8jU+qU611qS/iWtCST1ndKdgUlDJ8W5SNkkumFu5u+Fdm0H5+jkUtByWcOIFw 3wmThKCMx52Qi3kXdqdwF55mm1JDmlVlvitqk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=f6HZhbULuwp1ONQvXFzzLM5M+BCFj7xnBsodxU5HF/8=; b=snS4dK2Ch93BI2bg9UmdXXS0ge3JulUZKiKI0AQ/4HHRtoHkzE6flxIiOc6MaFCOxS CLqHZ5Y6zn2SM+ljue7Foxe8yv7Cws9PXW4M956RbYmMLfEO5yUU4cfwCSsHIo/FFlod aPnFsLGRTIbeqZA+j7C/IfX3pjxiZiZym1eYfnK3Lzfti94aMlYjVXnmelmM4iZwO45q Rsmi5Zrk/y2kEoYx3If5OhuHQDV+EMvzNWafFoK3ncVDlgoDCvBL28J+ZruAPOyq/AKE P5nJT1REdcV5UFahUFtyppDfHeEK/MrD2x9G7LT1VZcFKckM5X0oBpbTc10YVvD/7wrs j3aQ== X-Gm-Message-State: AOUpUlEzbiSvYDlcD8vZTXR1v/PPNKQFDkzYB3tiG0RoYqLTAiVbeOTK O9eKuU3/SB3cqvALv2/uL19wvQ== X-Google-Smtp-Source: AA+uWPz7TlOZp/tUQOjm8R9P8CZVtiqrjZvWZABnvvBzUz2TYqWx7ZblM9dc7tVuqvb5ueDtsTT6CA== X-Received: by 2002:a63:c50c:: with SMTP id f12-v6mr87199pgd.88.1533676729111; Tue, 07 Aug 2018 14:18:49 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id v4-v6sm2382904pgr.36.2018.08.07.14.18.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:46 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 4/9] crypto: hash: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:38 -0700 Message-Id: <20180807211843.47586-5-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this removes the VLAs in SHASH_DESC_ON_STACK (via crypto_shash_descsize()) by using the maximum allowable size (which is now more clearly captured in a macro), along with a few other cases. Similar limits are turned into macros as well. A review of existing sizes shows that SHA512_DIGEST_SIZE (64) is the largest digest size and that sizeof(struct sha3_state) (360) is the largest descriptor size. The corresponding maximums are reduced. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- crypto/ahash.c | 4 ++-- crypto/algif_hash.c | 2 +- crypto/shash.c | 6 +++--- include/crypto/hash.h | 6 +++++- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/crypto/ahash.c b/crypto/ahash.c index a64c143165b1..78aaf2158c43 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -550,8 +550,8 @@ static int ahash_prepare_alg(struct ahash_alg *alg) { struct crypto_alg *base = &alg->halg.base; - if (alg->halg.digestsize > PAGE_SIZE / 8 || - alg->halg.statesize > PAGE_SIZE / 8 || + if (alg->halg.digestsize > HASH_MAX_DIGESTSIZE || + alg->halg.statesize > HASH_MAX_STATESIZE || alg->halg.statesize == 0) return -EINVAL; diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c index bfcf595fd8f9..d0cde541beb6 100644 --- a/crypto/algif_hash.c +++ b/crypto/algif_hash.c @@ -239,7 +239,7 @@ static int hash_accept(struct socket *sock, struct socket *newsock, int flags, struct alg_sock *ask = alg_sk(sk); struct hash_ctx *ctx = ask->private; struct ahash_request *req = &ctx->req; - char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req)) ? : 1]; + char state[HASH_MAX_STATESIZE]; struct sock *sk2; struct alg_sock *ask2; struct hash_ctx *ctx2; diff --git a/crypto/shash.c b/crypto/shash.c index 5d732c6bb4b2..86d76b5c626c 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -458,9 +458,9 @@ static int shash_prepare_alg(struct shash_alg *alg) { struct crypto_alg *base = &alg->base; - if (alg->digestsize > PAGE_SIZE / 8 || - alg->descsize > PAGE_SIZE / 8 || - alg->statesize > PAGE_SIZE / 8) + if (alg->digestsize > HASH_MAX_DIGESTSIZE || + alg->descsize > HASH_MAX_DESCSIZE || + alg->statesize > HASH_MAX_STATESIZE) return -EINVAL; base->cra_type = &crypto_shash_type; diff --git a/include/crypto/hash.h b/include/crypto/hash.h index 76e432cab75d..21587011ab0f 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -151,9 +151,13 @@ struct shash_desc { void *__ctx[] CRYPTO_MINALIGN_ATTR; }; +#define HASH_MAX_DIGESTSIZE 64 +#define HASH_MAX_DESCSIZE 360 +#define HASH_MAX_STATESIZE 512 + #define SHASH_DESC_ON_STACK(shash, ctx) \ char __##shash##_desc[sizeof(struct shash_desc) + \ - crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \ + HASH_MAX_DESCSIZE] CRYPTO_MINALIGN_ATTR; \ struct shash_desc *shash = (struct shash_desc *)__##shash##_desc /** From patchwork Tue Aug 7 21:18:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559211 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B00B314E2 for ; Tue, 7 Aug 2018 21:19:17 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9F7A42A5F7 for ; Tue, 7 Aug 2018 21:19:17 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 906C42A5FB; Tue, 7 Aug 2018 21:19:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1BFC42A5F7 for ; Tue, 7 Aug 2018 21:19:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727194AbeHGXfL (ORCPT ); Tue, 7 Aug 2018 19:35:11 -0400 Received: from mail-pg1-f195.google.com ([209.85.215.195]:41534 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727133AbeHGXfL (ORCPT ); Tue, 7 Aug 2018 19:35:11 -0400 Received: by mail-pg1-f195.google.com with SMTP id z8-v6so31262pgu.8 for ; Tue, 07 Aug 2018 14:18:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=XEthQhO55UFajYXolwRxBcBomydbdSRnD/7XsWAlazI=; b=VoVHiYp/gXE0LJZ4QS++bRem24LHShZuFLMwHmZ6sXT8hqF3SxF6Xz3ZLAPt4euDaK ECglSyfn4uIjsXvvu166YDFD3+2sSulnh6CNhIKbqXjy0OYbNqcqwypWBk1ZeNL150yF g1toA2/NMcNYkvjuhyFfr78SRyz1fwP+5hmbE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=XEthQhO55UFajYXolwRxBcBomydbdSRnD/7XsWAlazI=; b=p20ANQ9XKX7wIOyGZt/z77o00AdoW/dx4MNKsXxI4d3FkJzpJKgFzQfoD6YtxBimCX zCzxtOx749EWZu8KifCd2MIZDvSjl+wxJTez8LK1aKZueHHOL/waaZiH9vqiKukCeE34 0R0f+ZO0JZQRYp0tnalPSpP2O60DQxtTvCq9hAhXZ+0g0tXn8EDMoapjHnFZtGZSyrui /T/AVAzrOR4jtLiSu3xamL1m5diUc8ri5NAqjNGPks33mzR+GDMRp1oeA/zQGfImB8qB uSIdi2XS+jyAwURt6KmCZ6F+Wvl/FHTIMD7H3qrQK4IdP5FWr53toFXgqk6+UWD8epcv RHag== X-Gm-Message-State: AOUpUlH2kg5B+BjQsARZWd0z8KRqmz2724ekFuwIU8qa7XAwgogo1mR4 NjlyVoP7sD3srqFAceErmdvpoQ== X-Google-Smtp-Source: AA+uWPz/fe343Jl33/i+Gyzys8F0zdRXEvuDKIjAnH6YJeFS0cii+juo5vag4tBCo9TKCgLcL6wJIg== X-Received: by 2002:a63:d518:: with SMTP id c24-v6mr58049pgg.357.1533676732370; Tue, 07 Aug 2018 14:18:52 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id u83-v6sm8585411pfj.37.2018.08.07.14.18.47 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:51 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 5/9] dm: Remove VLA usage from hashes Date: Tue, 7 Aug 2018 14:18:39 -0700 Message-Id: <20180807211843.47586-6-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this uses the new HASH_MAX_DIGESTSIZE from the crypto layer to allocate the upper bounds on stack usage. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook Acked-by: Mike Snitzer --- drivers/md/dm-integrity.c | 23 +++++++++++++++++------ drivers/md/dm-verity-fec.c | 5 ++++- 2 files changed, 21 insertions(+), 7 deletions(-) diff --git a/drivers/md/dm-integrity.c b/drivers/md/dm-integrity.c index 86438b2f10dd..884edd7cf1d0 100644 --- a/drivers/md/dm-integrity.c +++ b/drivers/md/dm-integrity.c @@ -521,7 +521,12 @@ static void section_mac(struct dm_integrity_c *ic, unsigned section, __u8 result } memset(result + size, 0, JOURNAL_MAC_SIZE - size); } else { - __u8 digest[size]; + __u8 digest[HASH_MAX_DIGESTSIZE]; + + if (WARN_ON(size > sizeof(digest))) { + dm_integrity_io_error(ic, "digest_size", -EINVAL); + goto err; + } r = crypto_shash_final(desc, digest); if (unlikely(r)) { dm_integrity_io_error(ic, "crypto_shash_final", r); @@ -1244,7 +1249,7 @@ static void integrity_metadata(struct work_struct *w) struct bio *bio = dm_bio_from_per_bio_data(dio, sizeof(struct dm_integrity_io)); char *checksums; unsigned extra_space = unlikely(digest_size > ic->tag_size) ? digest_size - ic->tag_size : 0; - char checksums_onstack[ic->tag_size + extra_space]; + char checksums_onstack[HASH_MAX_DIGESTSIZE]; unsigned sectors_to_process = dio->range.n_sectors; sector_t sector = dio->range.logical_sector; @@ -1253,8 +1258,14 @@ static void integrity_metadata(struct work_struct *w) checksums = kmalloc((PAGE_SIZE >> SECTOR_SHIFT >> ic->sb->log2_sectors_per_block) * ic->tag_size + extra_space, GFP_NOIO | __GFP_NORETRY | __GFP_NOWARN); - if (!checksums) + if (!checksums) { checksums = checksums_onstack; + if (WARN_ON(extra_space && + digest_size > sizeof(checksums_onstack))) { + r = -EINVAL; + goto error; + } + } __bio_for_each_segment(bv, bio, iter, dio->orig_bi_iter) { unsigned pos; @@ -1466,7 +1477,7 @@ static bool __journal_read_write(struct dm_integrity_io *dio, struct bio *bio, } while (++s < ic->sectors_per_block); #ifdef INTERNAL_VERIFY if (ic->internal_hash) { - char checksums_onstack[max(crypto_shash_digestsize(ic->internal_hash), ic->tag_size)]; + char checksums_onstack[max(HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE)]; integrity_sector_checksum(ic, logical_sector, mem + bv.bv_offset, checksums_onstack); if (unlikely(memcmp(checksums_onstack, journal_entry_tag(ic, je), ic->tag_size))) { @@ -1516,7 +1527,7 @@ static bool __journal_read_write(struct dm_integrity_io *dio, struct bio *bio, if (ic->internal_hash) { unsigned digest_size = crypto_shash_digestsize(ic->internal_hash); if (unlikely(digest_size > ic->tag_size)) { - char checksums_onstack[digest_size]; + char checksums_onstack[HASH_MAX_DIGESTSIZE]; integrity_sector_checksum(ic, logical_sector, (char *)js, checksums_onstack); memcpy(journal_entry_tag(ic, je), checksums_onstack, ic->tag_size); } else @@ -1937,7 +1948,7 @@ static void do_journal_write(struct dm_integrity_c *ic, unsigned write_start, unlikely(from_replay) && #endif ic->internal_hash) { - char test_tag[max(crypto_shash_digestsize(ic->internal_hash), ic->tag_size)]; + char test_tag[max_t(size_t, HASH_MAX_DIGESTSIZE, MAX_TAG_SIZE)]; integrity_sector_checksum(ic, sec + ((l - j) << ic->sb->log2_sectors_per_block), (char *)access_journal_data(ic, i, l), test_tag); diff --git a/drivers/md/dm-verity-fec.c b/drivers/md/dm-verity-fec.c index 684af08d0747..0ce04e5b4afb 100644 --- a/drivers/md/dm-verity-fec.c +++ b/drivers/md/dm-verity-fec.c @@ -212,12 +212,15 @@ static int fec_read_bufs(struct dm_verity *v, struct dm_verity_io *io, struct dm_verity_fec_io *fio = fec_io(io); u64 block, ileaved; u8 *bbuf, *rs_block; - u8 want_digest[v->digest_size]; + u8 want_digest[HASH_MAX_DIGESTSIZE]; unsigned n, k; if (neras) *neras = 0; + if (WARN_ON(v->digest_size > sizeof(want_digest))) + return -EINVAL; + /* * read each of the rsn data blocks that are part of the RS block, and * interleave contents to available bufs From patchwork Tue Aug 7 21:18:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559191 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5464D14E2 for ; Tue, 7 Aug 2018 21:18:56 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 455B12A5F1 for ; Tue, 7 Aug 2018 21:18:56 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 38B5F2A5F9; Tue, 7 Aug 2018 21:18:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D57C42A5F1 for ; Tue, 7 Aug 2018 21:18:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727048AbeHGXfM (ORCPT ); Tue, 7 Aug 2018 19:35:12 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:36380 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727169AbeHGXfL (ORCPT ); Tue, 7 Aug 2018 19:35:11 -0400 Received: by mail-pg1-f193.google.com with SMTP id h12-v6so42840pgs.3 for ; Tue, 07 Aug 2018 14:18:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=om28ZBbqlVOdWVGgbNqly+1dcj2BlW29w8AmBA0lHYw=; b=nArgZqlYDDgAq8YX/jvWimxGlDBI68qUF1jtzrItHrtzN3msuSa2epxNtb01j1mOa/ ca39AMvJj1q9mhidQmpE/bdZxNACdzIxjOLkMyuwCfO8eV7kfrw85ZO3lfZXU/Z1ZpWP crX2EF+lPcXz/pZMXPOg/uW4XV4QfIoCAN1Rg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=om28ZBbqlVOdWVGgbNqly+1dcj2BlW29w8AmBA0lHYw=; b=eDHS4IyIke/MYU74QWqpK7jDAxKdNN6JSkuN9O+lLPMv1BpQIzOV+N4Nhvy8c5R27Q 5O1gi8QTwPk0FMM1YRYH8CLtYgwbcalxRNhGkNQ3y6gZ10hfxn7c9HjNDAhTlhMKfXfl sMR6NufvOVuZqy+VqJFvXAPQ/X+QW410wN/qlWlTBdJnz+gGFthtKX60iVyuly49EY6Z hYBMml+mikskY2RyquwvEtZeIwpeTZOClKOPddlTFHHewjxJ135P16S3QWdvbiIiiXO3 a5wH+85Qun6h2HhJRoGcLixxfIWbUhvQlLXIBMbSWeff1i27zH3ixEnoefY1sBLNQ3OX kvqw== X-Gm-Message-State: AOUpUlHlQQtNTwEiCsK/NavYFMrKhmJbIOjEOrycyCUJ5gYN5Urc//Lh H+9EBQXwj9Vt17qV1gMlJwTeJg== X-Google-Smtp-Source: AA+uWPxCZWHFGrG9CATf1gLBhHbwJ5GzpSEYlL5Eskb5hpUBJH8fTI6RS9rnBo5vAeWQvw/CzTVYWA== X-Received: by 2002:a63:7a0a:: with SMTP id v10-v6mr71065pgc.444.1533676733215; Tue, 07 Aug 2018 14:18:53 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id b64-v6sm3357099pfg.66.2018.08.07.14.18.47 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:50 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 6/9] crypto alg: Introduce generic max blocksize and alignmask Date: Tue, 7 Aug 2018 14:18:40 -0700 Message-Id: <20180807211843.47586-7-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this exposes a new general upper bound on crypto blocksize and alignmask (higher than for the existing cipher limits) for VLA removal, and introduces new checks. At present, the highest cra_alignmask in the kernel is 63. The highest cra_blocksize is 144 (SHA3_224_BLOCK_SIZE, 18 8-byte words). For the new blocksize limit, I went with 160 (20 8-byte words). [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- crypto/algapi.c | 7 ++++++- include/crypto/algapi.h | 4 +++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/crypto/algapi.c b/crypto/algapi.c index c0755cf4f53f..496fc51bf215 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -57,9 +57,14 @@ static int crypto_check_alg(struct crypto_alg *alg) if (alg->cra_alignmask & (alg->cra_alignmask + 1)) return -EINVAL; - if (alg->cra_blocksize > PAGE_SIZE / 8) + /* General maximums for all algs. */ + if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK) return -EINVAL; + if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE) + return -EINVAL; + + /* Lower maximums for specific alg types. */ if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK) diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index bd5e8ccf1687..21371ac8f355 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -20,8 +20,10 @@ /* * Maximum values for blocksize and alignmask, used to allocate * static buffers that are big enough for any combination of - * ciphers and architectures. + * algs and architectures. Ciphers have a lower maximum size. */ +#define MAX_ALGAPI_BLOCKSIZE 160 +#define MAX_ALGAPI_ALIGNMASK 63 #define MAX_CIPHER_BLOCKSIZE 16 #define MAX_CIPHER_ALIGNMASK 15 From patchwork Tue Aug 7 21:18:41 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559193 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4D7FA14E2 for ; Tue, 7 Aug 2018 21:18:57 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3EECB2A5F1 for ; Tue, 7 Aug 2018 21:18:57 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 323732A5F9; Tue, 7 Aug 2018 21:18:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CC9F32A5F1 for ; Tue, 7 Aug 2018 21:18:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727245AbeHGXfN (ORCPT ); Tue, 7 Aug 2018 19:35:13 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:42207 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727240AbeHGXfM (ORCPT ); Tue, 7 Aug 2018 19:35:12 -0400 Received: by mail-pg1-f193.google.com with SMTP id y4-v6so29190pgp.9 for ; Tue, 07 Aug 2018 14:18:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=BYgigRdBSanSiafl9f2cJhj28CjRYh2SZJXlKmlCU5M=; b=bwj5h6LGT5ACmPMZYi0LG2N5D3F3SAfB8C3avF/CBbiNS2h591ypLOSakoTAgXKWvx +KgSLVleYXJfmoNPYhoNW5ZtD3uU9iNTmljRuHQ4YceMx9t9s5sj7k1Gf13Dev+AhMkp RJ4rdVkBDipUY4OISqzdenyjqwZzZ5r2punaU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=BYgigRdBSanSiafl9f2cJhj28CjRYh2SZJXlKmlCU5M=; b=FNg5GqLgtCi32qSdN6htbb33lugeMBN749yVgMkNigOy+UazShxfpfXyUDhLyqiyjJ WYQfTMKblrsACytuSnZ5DjMt/IzP0lD3zwTfNcpFvwrN9eObeyuoXcxl6n1A7HVXajFT n0XGuu/sDN2bOlfxS+uJfdVIDO9YCsliXQbT5nXSSg+4Lnt9JfkH+5NN6EXrLmL+uwTh VtwwHRYPcUjwvvnZDNNR62ShoCIP5d8wrcn/V4kBL6jDevM00SB/MjrxVF5OL47eF7Be Iv10PoHbrDC/H5alL0TNCCAjdppMQE/SN7V5Me1y5NdfwRbUt5FEmZDoxxHHGAj1xfmP lfPA== X-Gm-Message-State: AOUpUlE3y4xbcnZ+pzLaok6xnAoFXsODQBxUtgyudC7vJlgSzOjunS62 k2vv96r8XPjCjArLmsVWEarvhg== X-Google-Smtp-Source: AA+uWPzWrOD4jORAMy82cXxo0SdYwj2E6H6kKBNGSN37J9htUZlVJoc9NYofkG3pnVQH2YMRywv3ng== X-Received: by 2002:a62:864a:: with SMTP id x71-v6mr81675pfd.252.1533676734090; Tue, 07 Aug 2018 14:18:54 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id g2-v6sm3688232pfb.79.2018.08.07.14.18.48 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:51 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 7/9] crypto: qat: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:41 -0700 Message-Id: <20180807211843.47586-8-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this uses the new upper bound for the stack buffer. Also adds a sanity check. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- drivers/crypto/qat/qat_common/qat_algs.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/qat/qat_common/qat_algs.c b/drivers/crypto/qat/qat_common/qat_algs.c index 1138e41d6805..a28edf7b792f 100644 --- a/drivers/crypto/qat/qat_common/qat_algs.c +++ b/drivers/crypto/qat/qat_common/qat_algs.c @@ -153,8 +153,8 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, struct sha512_state sha512; int block_size = crypto_shash_blocksize(ctx->hash_tfm); int digest_size = crypto_shash_digestsize(ctx->hash_tfm); - char ipad[block_size]; - char opad[block_size]; + char ipad[MAX_ALGAPI_BLOCKSIZE]; + char opad[MAX_ALGAPI_BLOCKSIZE]; __be32 *hash_state_out; __be64 *hash512_state_out; int i, offset; @@ -164,6 +164,10 @@ static int qat_alg_do_precomputes(struct icp_qat_hw_auth_algo_blk *hash, shash->tfm = ctx->hash_tfm; shash->flags = 0x0; + if (WARN_ON(block_size > sizeof(ipad) || + sizeof(ipad) != sizeof(opad))) + return -EINVAL; + if (auth_keylen > block_size) { int ret = crypto_shash_digest(shash, auth_key, auth_keylen, ipad); From patchwork Tue Aug 7 21:18:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559201 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1135114E2 for ; Tue, 7 Aug 2018 21:19:03 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 01BEF2A5F7 for ; Tue, 7 Aug 2018 21:19:03 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E9FCC2A604; Tue, 7 Aug 2018 21:19:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7DF642A5F7 for ; Tue, 7 Aug 2018 21:19:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727312AbeHGXfP (ORCPT ); Tue, 7 Aug 2018 19:35:15 -0400 Received: from mail-pg1-f194.google.com ([209.85.215.194]:35226 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727169AbeHGXfO (ORCPT ); Tue, 7 Aug 2018 19:35:14 -0400 Received: by mail-pg1-f194.google.com with SMTP id w10-v6so44613pgv.2 for ; Tue, 07 Aug 2018 14:18:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Ok95ycGnZuw2CZpO4KgRNxj4QX0cXIlEQlrBt5ewdsw=; b=bPGffoD9rbJL4c/louH8PZgWEcj/0pFdULql4VoF1ESdHWJ0mlucjTp5yC2COebNDK K0cIuZI1yfNerOQBMAyliPuUXBfO03mNJgyfikZ6OG7MX0fc/OoZhSKN2FL5TnncfaO0 EQmxRPU5OCO0/O6NkGwo3TkraTUFsnoxT7I0M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Ok95ycGnZuw2CZpO4KgRNxj4QX0cXIlEQlrBt5ewdsw=; b=cucj8IEeR3ZnxEwHLMG91sZWUgkg895s/NLzGd9E+c3h0sTIIz1fu5WkBz1VJ8DZ+T Vufq0CSTxDLO5qU6ZZVKkqv0jnL3BpF9kacjro0NT44jk4f4c9Ci41egwPgX7kBZRYAP iK+zkWHF70L/kkyoLrUNj+E1Ty+WN9FBiHe8ncP3GZyoG3ClFrOCQ5w5oP/ghETsREqs nPX8yOZ+pzLPgJge85gSAts5dd6IciDeYF8Ha5B2kXB8xMpyv44zWSRJEjzbBozeXH/6 mL13KE3dCWI5UjqtrSmGltWVCtDEtvK4f9gtjao5cAPQ0OaJDRzrNGW0rKn90/j/zd5l rofA== X-Gm-Message-State: AOUpUlHgPIAvOY1hTH3UrDV89ANENrS8XMoiZfpVaIuKQVjhCvBEsQk0 aBEy0+z3s81vTDS0110t3TIyCg== X-Google-Smtp-Source: AA+uWPwOtqnylJHlmzaePG/v0QzJf95yXCNri2Pa1z72+V7yLUjW5xDl+aWaiF/nzsHsG6cm8l9OFQ== X-Received: by 2002:a63:c80e:: with SMTP id z14-v6mr66638pgg.77.1533676735935; Tue, 07 Aug 2018 14:18:55 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id c88-v6sm3519007pfe.132.2018.08.07.14.18.48 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:51 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 8/9] crypto: shash: Remove VLA usage in unaligned hashing Date: Tue, 7 Aug 2018 14:18:42 -0700 Message-Id: <20180807211843.47586-9-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this uses the newly defined max alignment to perform unaligned hashing to avoid VLAs, and drops the helper function while adding sanity checks on the resulting buffer sizes. Additionally, the __aligned_largest macro is removed since this helper was the only user. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- crypto/shash.c | 27 ++++++++++++++++----------- include/linux/compiler-gcc.h | 1 - 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/crypto/shash.c b/crypto/shash.c index 86d76b5c626c..d21f04d70dce 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -73,13 +73,6 @@ int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, } EXPORT_SYMBOL_GPL(crypto_shash_setkey); -static inline unsigned int shash_align_buffer_size(unsigned len, - unsigned long mask) -{ - typedef u8 __aligned_largest u8_aligned; - return len + (mask & ~(__alignof__(u8_aligned) - 1)); -} - static int shash_update_unaligned(struct shash_desc *desc, const u8 *data, unsigned int len) { @@ -88,11 +81,17 @@ static int shash_update_unaligned(struct shash_desc *desc, const u8 *data, unsigned long alignmask = crypto_shash_alignmask(tfm); unsigned int unaligned_len = alignmask + 1 - ((unsigned long)data & alignmask); - u8 ubuf[shash_align_buffer_size(unaligned_len, alignmask)] - __aligned_largest; + /* + * We cannot count on __aligned() working for large values: + * https://patchwork.kernel.org/patch/9507697/ + */ + u8 ubuf[MAX_ALGAPI_ALIGNMASK * 2]; u8 *buf = PTR_ALIGN(&ubuf[0], alignmask + 1); int err; + if (WARN_ON(buf + unaligned_len > ubuf + sizeof(ubuf))) + return -EINVAL; + if (unaligned_len > len) unaligned_len = len; @@ -124,11 +123,17 @@ static int shash_final_unaligned(struct shash_desc *desc, u8 *out) unsigned long alignmask = crypto_shash_alignmask(tfm); struct shash_alg *shash = crypto_shash_alg(tfm); unsigned int ds = crypto_shash_digestsize(tfm); - u8 ubuf[shash_align_buffer_size(ds, alignmask)] - __aligned_largest; + /* + * We cannot count on __aligned() working for large values: + * https://patchwork.kernel.org/patch/9507697/ + */ + u8 ubuf[MAX_ALGAPI_ALIGNMASK + HASH_MAX_DIGESTSIZE]; u8 *buf = PTR_ALIGN(&ubuf[0], alignmask + 1); int err; + if (WARN_ON(buf + ds > ubuf + sizeof(ubuf))) + return -EINVAL; + err = shash->final(desc, buf); if (err) goto out; diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index f1a7492a5cc8..1f1cdef36a82 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -125,7 +125,6 @@ */ #define __pure __attribute__((pure)) #define __aligned(x) __attribute__((aligned(x))) -#define __aligned_largest __attribute__((aligned)) #define __printf(a, b) __attribute__((format(printf, a, b))) #define __scanf(a, b) __attribute__((format(scanf, a, b))) #define __attribute_const__ __attribute__((__const__)) From patchwork Tue Aug 7 21:18:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559209 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 855FA1390 for ; Tue, 7 Aug 2018 21:19:09 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 75E752A5F7 for ; Tue, 7 Aug 2018 21:19:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6A3B02A5FB; Tue, 7 Aug 2018 21:19:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 168E92A5F7 for ; Tue, 7 Aug 2018 21:19:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727240AbeHGXfO (ORCPT ); Tue, 7 Aug 2018 19:35:14 -0400 Received: from mail-pg1-f196.google.com ([209.85.215.196]:40188 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727169AbeHGXfN (ORCPT ); Tue, 7 Aug 2018 19:35:13 -0400 Received: by mail-pg1-f196.google.com with SMTP id x5-v6so33651pgp.7 for ; Tue, 07 Aug 2018 14:18:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=xi1UiijgPtH3bEbgxLJTLT+H3zXPa7fDlbmxyBVC5QY=; b=MolSfpaKz70ZU2b1072Jk1SbatLRIM91vChMXrA2xIqNwfxBezcEU2kqo4c2Wno5rh 6QwpE0T2sBrl+rxI8Nxqt0spLN6nEyODTgD28prp0sGMxIV2Mb49rWrW9A0Iz20U3/tm I6ZgxWs75yLRyZGwq2XZx2PttDL0r6w0zlggU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=xi1UiijgPtH3bEbgxLJTLT+H3zXPa7fDlbmxyBVC5QY=; b=eEbSKL6IQRRqgU+U1H1P+xG1/azka5yFceRPE7eFvnj8vOkubYPt1wE5pM0eqPPr2d KX1KPCAAXYG9KEHZ//kc+kNevlDnfo3SkyF3KfM9oWaiolCfgJbv7DI3PEcSyM2iBeTn X88h/koPkCOAoeqWSlx0HSHh8Z+sPHX6MScK6MqdOp8uSzbS9JC6r9NJehG/zdPyI9VY dXytltx3KGwtB/I4QI/XBrffEBkDQJrNq0Qzf6pI2q16hDdkCZsBnh4uwxtxd/qjOpeH uO28Cn3kDOjSYXGJCyuwRTwWkvS6wsHVyG2kwOHyAPuFJ1RPCYDIS1VkSeR2nnbghpX9 rEtA== X-Gm-Message-State: AOUpUlHkRSKppWfzmVaeGMfecqYXJ5LQiI3eo4GyFNKLICep5gmZNK5x 45MrcLNqwVCuQlYQUVPXqUoFMg== X-Google-Smtp-Source: AA+uWPyFXh2Ih2BWYqPM8DkJ+vqdAAp3AfsudSnI3WJ1RwOCXImn5IqCJVa14q7zc2+GF1suv4yY6g== X-Received: by 2002:a62:8559:: with SMTP id u86-v6mr105034pfd.32.1533676735035; Tue, 07 Aug 2018 14:18:55 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id b68-v6sm422503pfd.74.2018.08.07.14.18.49 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:51 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 9/9] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK Date: Tue, 7 Aug 2018 14:18:43 -0700 Message-Id: <20180807211843.47586-10-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180807211843.47586-1-keescook@chromium.org> References: <20180807211843.47586-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP In the quest to remove all stack VLA usage from the kernel[1], this caps the skcipher request size similar to other limits and adds a sanity check at registration. Looking at instrumented tcrypt output, the largest is for lrw: crypt: testing lrw(aes) crypto_skcipher_set_reqsize: 8 crypto_skcipher_set_reqsize: 88 crypto_skcipher_set_reqsize: 472 [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook --- include/crypto/internal/skcipher.h | 1 + include/crypto/skcipher.h | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/include/crypto/internal/skcipher.h b/include/crypto/internal/skcipher.h index e42f7063f245..5035482cbe68 100644 --- a/include/crypto/internal/skcipher.h +++ b/include/crypto/internal/skcipher.h @@ -130,6 +130,7 @@ static inline struct crypto_skcipher *crypto_spawn_skcipher( static inline void crypto_skcipher_set_reqsize( struct crypto_skcipher *skcipher, unsigned int reqsize) { + BUG_ON(reqsize > SKCIPHER_MAX_REQSIZE); skcipher->reqsize = reqsize; } diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h index 2f327f090c3e..c48e194438cf 100644 --- a/include/crypto/skcipher.h +++ b/include/crypto/skcipher.h @@ -139,9 +139,11 @@ struct skcipher_alg { struct crypto_alg base; }; +#define SKCIPHER_MAX_REQSIZE 472 + #define SKCIPHER_REQUEST_ON_STACK(name, tfm) \ char __##name##_desc[sizeof(struct skcipher_request) + \ - crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR; \ + SKCIPHER_MAX_REQSIZE] CRYPTO_MINALIGN_ATTR; \ struct skcipher_request *name = (void *)__##name##_desc /**