From patchwork Tue Aug 7 21:18:34 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 10559217 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A46E11390 for ; Tue, 7 Aug 2018 21:19:39 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 933732A5F7 for ; Tue, 7 Aug 2018 21:19:39 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 860A82A5FB; Tue, 7 Aug 2018 21:19:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1B85C2A5F7 for ; Tue, 7 Aug 2018 21:19:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727028AbeHGXfI (ORCPT ); Tue, 7 Aug 2018 19:35:08 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:40179 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726975AbeHGXfH (ORCPT ); Tue, 7 Aug 2018 19:35:07 -0400 Received: by mail-pg1-f193.google.com with SMTP id x5-v6so33544pgp.7 for ; Tue, 07 Aug 2018 14:18:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id; bh=GJBSyw+dCuiZTzIvf1Q9003/4LB0dv3naSdwyLa2ocs=; b=RhU0h6e98v41YBg0ZTy8pO+7Hiags6PuRwMgeEBw9I/NLCb+XYXweLoCxCsuliDc4A 3pUYLszLvcrk+tYgO+zdpYA/XCCHQeztK476GkPzZkjuGR60QW1HvAxJPTOZf6XaRQVZ WxDWr9BY50M30cdj00cqiZNpSu5xVgPt55vl4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=GJBSyw+dCuiZTzIvf1Q9003/4LB0dv3naSdwyLa2ocs=; b=sxYiWwSmieUikT7aaPBCHvxWSbez3vSu2Axn3YscKfadO/A9lDeDt8GRnpkwFEGhJw E5S3rh8oYU4AqB2GvL8qLe05rmKPHs++MgOTt8a+mjtld4v2dU5bPWDr7zKI7U8vXRjt 2SPsMfJOMWrRDBbLCSL38JTHKCAUJNTVQ0DejDLw0Ns1JefZYpn+TCvPBjTTu7gm8+5E SrjGNUFgdAGSeGcKTQ53sjy1LzoRkOVOmiIdSiOksXKfLhpbdc0vI+nKFDzT7jyh6Y3w B36Dg7rSUXdfRJaCT8xOhMEyPIfmEy/8sQABRJOSbLGKhFoFUOgSCJgXklWtqM7wJAq0 +96w== X-Gm-Message-State: AOUpUlEtbADoB27opAssyD0BWD+ZOG/yONqGKu7fAt0XsTHKC56YA7y4 e/tU2gir9eMMHGJzxxaCfhT+Pw== X-Google-Smtp-Source: AA+uWPzzE9O/ThxdIf3TXndmKi44F3o9HTp6DWG1ku2hgDcUrYWab4GHX8PQ3ep49GXiFs/XqCZTXw== X-Received: by 2002:a62:9f85:: with SMTP id v5-v6mr81135pfk.27.1533676728213; Tue, 07 Aug 2018 14:18:48 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id x87-v6sm4465849pfa.143.2018.08.07.14.18.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 07 Aug 2018 14:18:46 -0700 (PDT) From: Kees Cook To: Herbert Xu Cc: Kees Cook , Eric Biggers , Ard Biesheuvel , Giovanni Cabiddu , Alasdair Kergon , Mike Snitzer , Tudor-Dan Ambarus , Andrew Morton , Thomas Gleixner , Geert Uytterhoeven , Arnd Bergmann , Will Deacon , Rasmus Villemoes , David Woodhouse , Matthew Wilcox , "David S. Miller" , "Gustavo A. R. Silva" , linux-crypto@vger.kernel.org, dm-devel@redhat.com, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v8 0/9] crypto: Remove VLA usage Date: Tue, 7 Aug 2018 14:18:34 -0700 Message-Id: <20180807211843.47586-1-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP v8 cover letter: I continue to hope this can land in v4.19, but I realize that's unlikely. It would be nice, though, if some of the "trivial" patches could get taken (e.g. cbc, xcbc, ccm VLA removals) so I don't have to keep repeating them. *fingers crossed* Series cover letter: This is nearly the last of the VLA removals[1], but it's one of the largest because crypto gets used in lots of places. After looking through code, usage, reading the threads Gustavo started, and comparing the use-cases to the other VLA removals that have landed in the kernel, I think this series is likely the best way forward to shut the door on VLAs forever. For background, the crypto stack usage is for callers to do an immediate bit of work that doesn't allocate new memory. This means that other VLA removal techniques (like just using kmalloc) aren't workable, and the next common technique is needed: examination of maximum stack usage and the addition of sanity checks. This series does that, and in several cases, these maximums were already implicit in the code. This series is intended to land via the crypto tree for 4.19, though it touches dm, networking, and a few other things as well, since there are dependent patches (new crypto #defines being used, etc). Thanks! -Kees [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Changelog: v8: - remove "impossible condition" BUG-check in cbc. v7: - refresh and reorganize without ahash->shash conversions - merge hash maximums for both shash and ahash v6: - make xcbc blocksize unconditional - add ahash-to-shash conversion patch series to entirely remove AHASH_REQUEST_ON_STACK from the kernel v5: - limit AHASH_REQUEST_ON_STACK size only to non-async hash wrapping. - sanity-check ahash reqsize only when doing shash wrapping. - remove frame_warn changes in favor of shash conversions and other fixes. - send ahash to shash conversion patches and other fixes separately. v4: - add back *_REQUEST_ON_STACK patches. - programmatically find stack sizes for *_REQUEST_ON_STACK patches. - whitelist some code that trips FRAME_WARN on 32-bit builds. - fix alignment patches. v3: - drop *_REQUEST_ON_STACK patches. The rest of this series is pretty straight-forward, and I'd like to get them tested in -next while we continue to chip away at the *_REQUEST_ON_STACK VLA removal patches separately. "Part 2" will continue with those. v2: - use 512 instead of PAGE_SIZE / 8 to avoid bloat on large-page archs. - swtich xcbc to "16" max universally. - fix typo in bounds check for dm buffer size. - examine actual reqsizes for skcipher and ahash instead of guessing. - improve names and comments for alg maxes Ard Biesheuvel (1): crypto: ccm: Remove VLA usage Kees Cook (8): crypto: xcbc: Remove VLA usage crypto: cbc: Remove VLA usage crypto: hash: Remove VLA usage dm: Remove VLA usage from hashes crypto alg: Introduce generic max blocksize and alignmask crypto: qat: Remove VLA usage crypto: shash: Remove VLA usage in unaligned hashing crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK crypto/ahash.c | 4 +-- crypto/algapi.c | 7 ++++- crypto/algif_hash.c | 2 +- crypto/ccm.c | 9 ++++--- crypto/shash.c | 33 ++++++++++++++---------- crypto/xcbc.c | 8 +++--- drivers/crypto/qat/qat_common/qat_algs.c | 8 ++++-- drivers/md/dm-integrity.c | 23 ++++++++++++----- drivers/md/dm-verity-fec.c | 5 +++- include/crypto/algapi.h | 4 ++- include/crypto/cbc.h | 2 +- include/crypto/hash.h | 6 ++++- include/crypto/internal/skcipher.h | 1 + include/crypto/skcipher.h | 4 ++- include/linux/compiler-gcc.h | 1 - 15 files changed, 79 insertions(+), 38 deletions(-)