tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

crypto: omap-aes - Remove VLA usage of skcipher

In the quest to remove all stack VLA usage from the kernel[1], this
replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage
with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(),
which uses a fixed stack size.

[1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Kees Cook and committed by
Herbert Xu e87f203c f805f59d

+9 -10
+8 -9
drivers/crypto/omap-aes.c
··· 522 522 !!(mode & FLAGS_CBC)); 523 523 524 524 if (req->nbytes < aes_fallback_sz) { 525 - SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); 525 + SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback); 526 526 527 - skcipher_request_set_tfm(subreq, ctx->fallback); 527 + skcipher_request_set_sync_tfm(subreq, ctx->fallback); 528 528 skcipher_request_set_callback(subreq, req->base.flags, NULL, 529 529 NULL); 530 530 skcipher_request_set_crypt(subreq, req->src, req->dst, ··· 564 564 memcpy(ctx->key, key, keylen); 565 565 ctx->keylen = keylen; 566 566 567 - crypto_skcipher_clear_flags(ctx->fallback, CRYPTO_TFM_REQ_MASK); 568 - crypto_skcipher_set_flags(ctx->fallback, tfm->base.crt_flags & 567 + crypto_sync_skcipher_clear_flags(ctx->fallback, CRYPTO_TFM_REQ_MASK); 568 + crypto_sync_skcipher_set_flags(ctx->fallback, tfm->base.crt_flags & 569 569 CRYPTO_TFM_REQ_MASK); 570 570 571 - ret = crypto_skcipher_setkey(ctx->fallback, key, keylen); 571 + ret = crypto_sync_skcipher_setkey(ctx->fallback, key, keylen); 572 572 if (!ret) 573 573 return 0; 574 574 ··· 613 613 static int omap_aes_cra_init(struct crypto_tfm *tfm) 614 614 { 615 615 const char *name = crypto_tfm_alg_name(tfm); 616 - const u32 flags = CRYPTO_ALG_ASYNC | CRYPTO_ALG_NEED_FALLBACK; 617 616 struct omap_aes_ctx *ctx = crypto_tfm_ctx(tfm); 618 - struct crypto_skcipher *blk; 617 + struct crypto_sync_skcipher *blk; 619 618 620 - blk = crypto_alloc_skcipher(name, 0, flags); 619 + blk = crypto_alloc_sync_skcipher(name, 0, CRYPTO_ALG_NEED_FALLBACK); 621 620 if (IS_ERR(blk)) 622 621 return PTR_ERR(blk); 623 622 ··· 666 667 struct omap_aes_ctx *ctx = crypto_tfm_ctx(tfm); 667 668 668 669 if (ctx->fallback) 669 - crypto_free_skcipher(ctx->fallback); 670 + crypto_free_sync_skcipher(ctx->fallback); 670 671 671 672 ctx->fallback = NULL; 672 673 }
+1 -1
drivers/crypto/omap-aes.h
··· 101 101 int keylen; 102 102 u32 key[AES_KEYSIZE_256 / sizeof(u32)]; 103 103 u8 nonce[4]; 104 - struct crypto_skcipher *fallback; 104 + struct crypto_sync_skcipher *fallback; 105 105 struct crypto_skcipher *ctr; 106 106 }; 107 107