[v7,2/9] crypto: cbc: Remove VLA usage

Message ID	20180802225152.19194-3-keescook@chromium.org (mailing list archive)
State	Changes Requested
Delegated to:	Herbert Xu
Headers	show Return-Path: <linux-crypto-owner@kernel.org> From: Kees Cook <keescook@chromium.org> To: Herbert Xu <herbert@gondor.apana.org.au> Cc: Kees Cook <keescook@chromium.org>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, Giovanni Cabiddu <giovanni.cabiddu@intel.com>, Alasdair Kergon <agk@redhat.com>, Mike Snitzer <snitzer@redhat.com>, dm-devel@redhat.com, Tudor-Dan Ambarus <tudor.ambarus@microchip.com>, Andrew Morton <akpm@linux-foundation.org>, Thomas Gleixner <tglx@linutronix.de>, Geert Uytterhoeven <geert@linux-m68k.org>, Arnd Bergmann <arnd@arndb.de>, Will Deacon <will.deacon@arm.com>, Rasmus Villemoes <linux@rasmusvillemoes.dk>, David Woodhouse <dwmw@amazon.co.uk>, Matthew Wilcox <mawilcox@microsoft.com>, "David S. Miller" <davem@davemloft.net>, linux-crypto@vger.kernel.org, qat-linux@intel.com, linux-kernel@vger.kernel.org Subject: [PATCH v7 2/9] crypto: cbc: Remove VLA usage Date: Thu, 2 Aug 2018 15:51:45 -0700 Message-Id: <20180802225152.19194-3-keescook@chromium.org> In-Reply-To: <20180802225152.19194-1-keescook@chromium.org> References: <20180802225152.19194-1-keescook@chromium.org> Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk
Series	crypto: Remove VLA usage \| expand [v7,0/9] crypto: Remove VLA usage [v7,1/9] crypto: xcbc: Remove VLA usage [v7,2/9] crypto: cbc: Remove VLA usage [v7,3/9] crypto: ccm: Remove VLA usage [v7,4/9] crypto: hash: Remove VLA usage [v7,5/9] dm: Remove VLA usage from hashes [v7,6/9] crypto alg: Introduce generic max blocksize and alignmask [v7,7/9] crypto: qat: Remove VLA usage [v7,8/9] crypto: shash: Remove VLA usage in unaligned hashing [v7,9/9] crypto: skcipher: Remove VLA usage for SKCIPHER_REQUEST_ON_STACK

Message ID

20180802225152.19194-3-keescook@chromium.org (mailing list archive)

State

Changes Requested

Delegated to:

Herbert Xu

Headers

From: Kees Cook <keescook@chromium.org>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Kees Cook <keescook@chromium.org>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        Giovanni Cabiddu <giovanni.cabiddu@intel.com>,
        Alasdair Kergon <agk@redhat.com>,
        Mike Snitzer <snitzer@redhat.com>, dm-devel@redhat.com,
        Tudor-Dan Ambarus <tudor.ambarus@microchip.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Geert Uytterhoeven <geert@linux-m68k.org>,
        Arnd Bergmann <arnd@arndb.de>,
        Will Deacon <will.deacon@arm.com>,
        Rasmus Villemoes <linux@rasmusvillemoes.dk>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Matthew Wilcox <mawilcox@microsoft.com>,
        "David S. Miller" <davem@davemloft.net>,
        linux-crypto@vger.kernel.org, qat-linux@intel.com,
        linux-kernel@vger.kernel.org
Subject: [PATCH v7 2/9] crypto: cbc: Remove VLA usage
Date: Thu,  2 Aug 2018 15:51:45 -0700
Message-Id: <20180802225152.19194-3-keescook@chromium.org>
In-Reply-To: <20180802225152.19194-1-keescook@chromium.org>
References: <20180802225152.19194-1-keescook@chromium.org>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk

Series

crypto: Remove VLA usage | expand

Commit Message

Kees Cook Aug. 2, 2018, 10:51 p.m. UTC

In the quest to remove all stack VLA usage from the kernel[1], this
uses the upper bounds on blocksize. Since this is always a cipher
blocksize, use the existing cipher max blocksize.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 include/crypto/cbc.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Herbert Xu Aug. 7, 2018, 9:47 a.m. UTC | #1

On Thu, Aug 02, 2018 at 03:51:45PM -0700, Kees Cook wrote:
> In the quest to remove all stack VLA usage from the kernel[1], this
> uses the upper bounds on blocksize. Since this is always a cipher
> blocksize, use the existing cipher max blocksize.
> 
> [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  include/crypto/cbc.h | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h
> index f5b8bfc22e6d..47db0aac2ab9 100644
> --- a/include/crypto/cbc.h
> +++ b/include/crypto/cbc.h
> @@ -113,7 +113,9 @@ static inline int crypto_cbc_decrypt_inplace(
>  	unsigned int bsize = crypto_skcipher_blocksize(tfm);
>  	unsigned int nbytes = walk->nbytes;
>  	u8 *src = walk->src.virt.addr;
> -	u8 last_iv[bsize];
> +	u8 last_iv[MAX_CIPHER_BLOCKSIZE];
> +
> +	BUG_ON(bsize > sizeof(last_iv));

Ugh, please don't add these BUG_ONs.  Add them to the places where
the algorithm is created (if they aren't checking that already).

Thanks,

Kees Cook Aug. 7, 2018, 8:52 p.m. UTC | #2

On Tue, Aug 7, 2018 at 2:47 AM, Herbert Xu <herbert@gondor.apana.org.au> wrote:
> On Thu, Aug 02, 2018 at 03:51:45PM -0700, Kees Cook wrote:
>> In the quest to remove all stack VLA usage from the kernel[1], this
>> uses the upper bounds on blocksize. Since this is always a cipher
>> blocksize, use the existing cipher max blocksize.
>>
>> [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com
>>
>> Signed-off-by: Kees Cook <keescook@chromium.org>
>> ---
>>  include/crypto/cbc.h | 4 +++-
>>  1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h
>> index f5b8bfc22e6d..47db0aac2ab9 100644
>> --- a/include/crypto/cbc.h
>> +++ b/include/crypto/cbc.h
>> @@ -113,7 +113,9 @@ static inline int crypto_cbc_decrypt_inplace(
>>       unsigned int bsize = crypto_skcipher_blocksize(tfm);
>>       unsigned int nbytes = walk->nbytes;
>>       u8 *src = walk->src.virt.addr;
>> -     u8 last_iv[bsize];
>> +     u8 last_iv[MAX_CIPHER_BLOCKSIZE];
>> +
>> +     BUG_ON(bsize > sizeof(last_iv));
>
> Ugh, please don't add these BUG_ONs.  Add them to the places where
> the algorithm is created (if they aren't checking that already).

It's already being checked (cra_blocksize vs MAX_CIPHER_BLOCKSIZE) so
I was just adding the BUG_ON to catch "impossible" behavior. I'll
leave it out in the next revision.

-Kees

diff --git a/include/crypto/cbc.h b/include/crypto/cbc.h
index f5b8bfc22e6d..47db0aac2ab9 100644
--- a/include/crypto/cbc.h
+++ b/include/crypto/cbc.h
@@ -113,7 +113,9 @@  static inline int crypto_cbc_decrypt_inplace(
 	unsigned int bsize = crypto_skcipher_blocksize(tfm);
 	unsigned int nbytes = walk->nbytes;
 	u8 *src = walk->src.virt.addr;
-	u8 last_iv[bsize];
+	u8 last_iv[MAX_CIPHER_BLOCKSIZE];
+
+	BUG_ON(bsize > sizeof(last_iv));
 
 	/* Start of the last block. */
 	src += nbytes - (nbytes & (bsize - 1)) - bsize;

[v7,2/9] crypto: cbc: Remove VLA usage

Commit Message

Comments

Patch