From patchwork Wed Jul 18 15:19:49 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ard.biesheuvel@linaro.org>
X-Patchwork-Id: 10532679
X-Patchwork-Delegate: snitzer@redhat.com
Return-Path: <dm-devel-bounces@redhat.com>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	2E18A601D2 for <patchwork-dm-devel@patchwork.kernel.org>;
	Wed, 18 Jul 2018 15:20:30 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 009312983A
	for <patchwork-dm-devel@patchwork.kernel.org>;
	Wed, 18 Jul 2018 15:20:30 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id F2BEF29828; Wed, 18 Jul 2018 15:20:29 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-7.8 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI,
	T_DKIM_INVALID autolearn=unavailable version=3.3.1
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 77AE6296B9
	for <patchwork-dm-devel@patchwork.kernel.org>;
	Wed, 18 Jul 2018 15:20:22 +0000 (UTC)
Received: from smtp.corp.redhat.com
	(int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 27551308FBA3;
	Wed, 18 Jul 2018 15:20:11 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
	(colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8A570608EF;
	Wed, 18 Jul 2018 15:20:10 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
	(lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id DBBD418037EF;
	Wed, 18 Jul 2018 15:20:09 +0000 (UTC)
Received: from smtp.corp.redhat.com
	(int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with
	ESMTP id w6IFK6Xi000506 for <dm-devel@listman.util.phx.redhat.com>;
	Wed, 18 Jul 2018 11:20:06 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 7F809608F2; Wed, 18 Jul 2018 15:20:06 +0000 (UTC)
Delivered-To: dm-devel@redhat.com
Received: from mx1.redhat.com (ext-mx19.extmail.prod.ext.phx2.redhat.com
	[10.5.110.48])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 73546608F8
	for <dm-devel@redhat.com>; Wed, 18 Jul 2018 15:20:00 +0000 (UTC)
Received: from mail-it0-f65.google.com (mail-it0-f65.google.com
	[209.85.214.65])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
	bits)) (No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 520FF307D844
	for <dm-devel@redhat.com>; Wed, 18 Jul 2018 15:19:51 +0000 (UTC)
Received: by mail-it0-f65.google.com with SMTP id p4-v6so4673052itf.2
	for <dm-devel@redhat.com>; Wed, 18 Jul 2018 08:19:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
	h=mime-version:in-reply-to:references:from:date:message-id:subject:to
	:cc; bh=/hpJlyPTehmK42a6kJZbM8fWZcm6EoyU4opSxq9Gk/g=;
	b=GAKH4FbtM9YE5JjGPSszydmNkXGV+DZ9vVB17/+p3C7KqMCey+mseQd/xKNQ2gg8y0
	Lmpn+WEWbezPqrgXImJlmjdpyhabVqgsrf3cs6AhoB6/YdsbbmIEv/IuGi84H3s5rPYU
	Qt07FhuFRphFevlXuXSuy5rzs3I6mvLzjbzQA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:cc;
	bh=/hpJlyPTehmK42a6kJZbM8fWZcm6EoyU4opSxq9Gk/g=;
	b=Ckyxzmpcyb4PAYo1YNbMIFB5mgblhCTIyvR9l78yKuK8XIxUmwkkQ3/jCHD3GC9OXH
	gvrHNa/UWleMCXcEiKxYfpKY2Tk25208w4ql3TfsFCqF5kI7k3BZTAGeRkFMovqRJvdK
	qPGG3hDO4mifILxMlCwtuTGXtBAa+sBMbZc4MqdFBQkXe0IyaHynPekcBYEWFLOxguMN
	NX2CPmY3YcGhaaEdCMV6NwqXWK0Z0pYj/0pKdsISnJ5bcR7/SX7Q1GiSNPQeCGx0AS+c
	NrJaNKwT1/znAirI8GHl8SzWeHbpJ4+245R3QcSP1s9jem0hyapPiOxa5AS7VGt6IAjb
	uQsA==
X-Gm-Message-State: AOUpUlEkXPQdvhpuJH1lmDq2PcVf2b6QCuUNIcbXqivLWKfeFVYNOada
	n4296IQALSyqbvpmUmlTFR74xWwPzD1UVZ+gKUALrg==
X-Google-Smtp-Source: 
 AAOMgpehduyixesWI2rnFZkJUlUrGAAiEYg3fpjRd8PPqic5/LUjdhcaf0o7T2o8tz0H4LNuFDrUEYLBcNQG6p7YnHA=
X-Received: by 2002:a02:35a:: with SMTP id
	y87-v6mr5922270jad.2.1531927190635;
	Wed, 18 Jul 2018 08:19:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a6b:ac05:0:0:0:0:0 with HTTP; Wed, 18 Jul 2018 08:19:49
	-0700 (PDT)
In-Reply-To: 
 <CAKv+Gu-cOV6uo6MpLxr9uQSTT-ku_wn9+D7CC4+3maJtvcaGoA@mail.gmail.com>
References: <20180711203619.1020-1-keescook@chromium.org>
	<20180711203619.1020-12-keescook@chromium.org>
	<CAK8P3a3356dbruUfS_+fj9f+X-0jbNE8WMe5sWhJmuRY9Nvcbg@mail.gmail.com>
	<20180713004038.lwibdesz7ohhoind@gondor.apana.org.au>
	<CAGXu5jLYmC7U=bucFZCLsSXNX=T4WhCccR6hx9dwROYF+ZMt0Q@mail.gmail.com>
	<20180713034406.zwu2pkp3f2onybxs@gondor.apana.org.au>
	<CAGXu5jLR0zJ6b9axJuG_uvttNShNcN3rhQKGVjW37qPd9saY-Q@mail.gmail.com>
	<20180713052029.cfo24bsr5swtbdja@gondor.apana.org.au>
	<CAGXu5jLG4gE44z9cXL3-D1bjbZB1RgTnTsb3PWhU7B3NdRrwVg@mail.gmail.com>
	<CAK8P3a3nk4-EewKTXcLENTb86r1+bJz_WrkJoJt+D1uTwcpxPA@mail.gmail.com>
	<CAGXu5j+Q_jc_f9VybyoJqmV7_Q-3hqnC-pOubfNsi7uyAROVrQ@mail.gmail.com>
	<CAK8P3a3Dh+g=v++BMCtmmiOSnVu4CEUgss0U7BZS_K45aTddqg@mail.gmail.com>
	<CAKv+Gu-cOV6uo6MpLxr9uQSTT-ku_wn9+D7CC4+3maJtvcaGoA@mail.gmail.com>
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Thu, 19 Jul 2018 00:19:49 +0900
Message-ID: 
 <CAKv+Gu8e9sm42NKwQvQzD33JTHSaEY2q7sm0W0065dDz_rzSaA@mail.gmail.com>
To: Arnd Bergmann <arnd@arndb.de>
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.48]);
	Wed, 18 Jul 2018 15:19:51 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com
	[10.5.110.48]);
	Wed, 18 Jul 2018 15:19:51 +0000 (UTC) for IP:'209.85.214.65'
	DOMAIN:'mail-it0-f65.google.com' HELO:'mail-it0-f65.google.com'
	FROM:'ard.biesheuvel@linaro.org' RCPT:''
X-RedHat-Spam-Score: -0.131  (DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU,
	RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,
	SPF_PASS) 209.85.214.65 mail-it0-f65.google.com 209.85.214.65
	mail-it0-f65.google.com <ard.biesheuvel@linaro.org>
X-Scanned-By: MIMEDefang 2.84 on 10.5.110.48
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-loop: dm-devel@redhat.com
Cc: Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
	Kees Cook <keescook@chromium.org>, Mike Snitzer <snitzer@redhat.com>,
	"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
	Eric Biggers <ebiggers@google.com>, qat-linux@intel.com,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Masahiro Yamada <yamada.masahiro@socionext.com>, dm-devel@redhat.com,
	"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
	<linux-crypto@vger.kernel.org>, Rabin Vincent <rabinv@axis.com>,
	Lars Persson <larper@axis.com>, Tim Chen <tim.c.chen@linux.intel.com>,
	"David S. Miller" <davem@davemloft.net>,
	Alasdair Kergon <agk@redhat.com>,
	Herbert Xu <herbert@gondor.apana.org.au>
Subject: Re: [dm-devel] [PATCH v4 11/14] treewide: Prepare to remove VLA
	usage for AHASH_REQUEST_ON_STACK
X-BeenThere: dm-devel@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: device-mapper development <dm-devel.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/dm-devel>,
	<mailto:dm-devel-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/dm-devel>
List-Post: <mailto:dm-devel@redhat.com>
List-Help: <mailto:dm-devel-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/dm-devel>,
	<mailto:dm-devel-request@redhat.com?subject=subscribe>
Sender: dm-devel-bounces@redhat.com
Errors-To: dm-devel-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.43]);
	Wed, 18 Jul 2018 15:20:11 +0000 (UTC)
X-Virus-Scanned: ClamAV using ClamSMTP

On 18 July 2018 at 23:50, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> On 18 July 2018 at 05:59, Arnd Bergmann <arnd@arndb.de> wrote:
>> On Sun, Jul 15, 2018 at 6:28 AM, Kees Cook <keescook@chromium.org> wrote:
>>>
>>> After my ahash to shash conversions, only ccm is left as an ahash
>>> user, since it actually uses sg. But with the hard-coded value reduced
>>> to 376, this doesn't trip the frame warnings any more. :)
>>>
>>> I'll send an updated series soon.
>>
>> Maybe we should get rid of that one as well then and remove
>> AHASH_REQUEST_ON_STACK()?
>>
>> I see that Ard (now on Cc) added this usage only recently. Looking
>> at the code some more, I also find that the descsize is probably
>> much smaller than 376 for all possible cases   of "cbcmac(*)",
>> either alg->cra_blocksize plus a few bytes or sizeof(mac_desc_ctx)
>> (i.e. 20) for arch/arm64/crypto/aes-glue.c.
>>
>> Walking the sglist here means open-coding a shash_ahash_update()
>> implementation in crypto_ccm_auth(), that that doesn't seem to
>> add much complexity over what it already has to do to chain
>> the sglist today.
>>
>
> It would be better to add a variably sized ahash request member to
> struct crypto_ccm_req_priv_ctx, the only problem is that the last
> member of that struct (skreq) is variably sized already, so it would
> involve having a struct ahash_request pointer pointing into the same
> struct, after the skreq member.

Actually, I think the below should already do the trick: ahreq and
skreq are not used at the same time, so we can stick them in a union,
and take the max() of the reqsize to ensure there's enough empty space
after it.

--------8<----------
---
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel

diff --git a/crypto/ccm.c b/crypto/ccm.c
index 0a083342ec8c..b242fd0d3262 100644
--- a/crypto/ccm.c
+++ b/crypto/ccm.c
@@ -50,7 +50,10 @@ struct crypto_ccm_req_priv_ctx {
        u32 flags;
        struct scatterlist src[3];
        struct scatterlist dst[3];
-       struct skcipher_request skreq;
+       union {
+               struct ahash_request ahreq;
+               struct skcipher_request skreq;
+       };
 };

 struct cbcmac_tfm_ctx {
@@ -181,7 +184,7 @@
        struct crypto_ccm_req_priv_ctx *pctx = crypto_ccm_reqctx(req);
        struct crypto_aead *aead = crypto_aead_reqtfm(req);
        struct crypto_ccm_ctx *ctx = crypto_aead_ctx(aead);
-       AHASH_REQUEST_ON_STACK(ahreq, ctx->mac);
+       struct ahash_request *ahreq = &pctx->ahreq;
        unsigned int assoclen = req->assoclen;
        struct scatterlist sg[3];
        u8 *odata = pctx->odata;
@@ -427,7 +430,7 @@
        crypto_aead_set_reqsize(
                tfm,
                align + sizeof(struct crypto_ccm_req_priv_ctx) +
-               crypto_skcipher_reqsize(ctr));
+               max(crypto_ahash_reqsize(mac), crypto_skcipher_reqsize(ctr)));

        return 0;