drbd: dynamically allocate shash descriptor

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Building with clang and KASAN, we get a warning about an overly large
stack frame on 32-bit architectures:

drivers/block/drbd/drbd_receiver.c:921:31: error: stack frame size of 1280 bytes in function 'conn_connect'
[-Werror,-Wframe-larger-than=]

We already allocate other data dynamically in this function, so
just do the same for the shash descriptor, which makes up most of
this memory.

Link: https://lore.kernel.org/lkml/20190617132440.2721536-1-arnd@arndb.de/
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Roland Kammerer <roland.kammerer@linbit.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

authored by

Arnd Bergmann and committed by

Jens Axboe 6 years ago 77ce56e2 327fe1d4

+12 -2

1 changed file

expand all

drivers

block

drbd

drbd_receiver.c

+12 -2

drivers/block/drbd/drbd_receiver.c

··· 5417 5417 unsigned int key_len; 5418 5418 char secret[SHARED_SECRET_MAX]; /* 64 byte */ 5419 5419 unsigned int resp_size; 5420 - SHASH_DESC_ON_STACK(desc, connection->cram_hmac_tfm); 5420 + struct shash_desc *desc; 5421 5421 struct packet_info pi; 5422 5422 struct net_conf *nc; 5423 5423 int err, rv; ··· 5430 5430 memcpy(secret, nc->shared_secret, key_len); 5431 5431 rcu_read_unlock(); 5432 5432 5433 + desc = kmalloc(sizeof(struct shash_desc) + 5434 + crypto_shash_descsize(connection->cram_hmac_tfm), 5435 + GFP_KERNEL); 5436 + if (!desc) { 5437 + rv = -1; 5438 + goto fail; 5439 + } 5433 5440 desc->tfm = connection->cram_hmac_tfm; 5434 5441 5435 5442 rv = crypto_shash_setkey(connection->cram_hmac_tfm, (u8 *)secret, key_len); ··· 5578 5571 kfree(peers_ch); 5579 5572 kfree(response); 5580 5573 kfree(right_response); 5581 - shash_desc_zero(desc); 5574 + if (desc) { 5575 + shash_desc_zero(desc); 5576 + kfree(desc); 5577 + } 5582 5578 5583 5579 return rv; 5584 5580 }