block: cryptoloop: Remove VLA usage of skcipher

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Cc: Jens Axboe <axboe@kernel.dk>
Cc: linux-block@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Kees Cook and committed by

Herbert Xu 7 years ago dc568baf 88fe0b95

+11 -11

1 changed file

expand all

drivers

block

cryptoloop.c

+11 -11

drivers/block/cryptoloop.c

··· 45 45 char cms[LO_NAME_SIZE]; /* cipher-mode string */ 46 46 char *mode; 47 47 char *cmsp = cms; /* c-m string pointer */ 48 - struct crypto_skcipher *tfm; 48 + struct crypto_sync_skcipher *tfm; 49 49 50 50 /* encryption breaks for non sector aligned offsets */ 51 51 ··· 80 80 *cmsp++ = ')'; 81 81 *cmsp = 0; 82 82 83 - tfm = crypto_alloc_skcipher(cms, 0, CRYPTO_ALG_ASYNC); 83 + tfm = crypto_alloc_sync_skcipher(cms, 0, 0); 84 84 if (IS_ERR(tfm)) 85 85 return PTR_ERR(tfm); 86 86 87 - err = crypto_skcipher_setkey(tfm, info->lo_encrypt_key, 88 - info->lo_encrypt_key_size); 89 - 87 + err = crypto_sync_skcipher_setkey(tfm, info->lo_encrypt_key, 88 + info->lo_encrypt_key_size); 89 + 90 90 if (err != 0) 91 91 goto out_free_tfm; 92 92 ··· 94 94 return 0; 95 95 96 96 out_free_tfm: 97 - crypto_free_skcipher(tfm); 97 + crypto_free_sync_skcipher(tfm); 98 98 99 99 out: 100 100 return err; ··· 109 109 struct page *loop_page, unsigned loop_off, 110 110 int size, sector_t IV) 111 111 { 112 - struct crypto_skcipher *tfm = lo->key_data; 113 - SKCIPHER_REQUEST_ON_STACK(req, tfm); 112 + struct crypto_sync_skcipher *tfm = lo->key_data; 113 + SYNC_SKCIPHER_REQUEST_ON_STACK(req, tfm); 114 114 struct scatterlist sg_out; 115 115 struct scatterlist sg_in; 116 116 ··· 119 119 unsigned in_offs, out_offs; 120 120 int err; 121 121 122 - skcipher_request_set_tfm(req, tfm); 122 + skcipher_request_set_sync_tfm(req, tfm); 123 123 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, 124 124 NULL, NULL); 125 125 ··· 175 175 static int 176 176 cryptoloop_release(struct loop_device *lo) 177 177 { 178 - struct crypto_skcipher *tfm = lo->key_data; 178 + struct crypto_sync_skcipher *tfm = lo->key_data; 179 179 if (tfm != NULL) { 180 - crypto_free_skcipher(tfm); 180 + crypto_free_sync_skcipher(tfm); 181 181 lo->key_data = NULL; 182 182 return 0; 183 183 }