crypto: xcbc - Remove VLA usage
In the quest to remove all stack VLA usage from the kernel[1], this uses the maximum blocksize and adds a sanity check. For xcbc, the blocksize must always be 16, so use that, since it's already being enforced during instantiation. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Change-Id: I4b1f851ccd31004cc5c0c28e73385aa16bcb53a9 Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Git-Repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git Git-Commit: 3bdd23f886c08a0d649c535e1e2cf083ec600036 Signed-off-by: Rishabh Bhatnagar <rishabhb@codeaurora.org>
This commit is contained in:
parent
69aafa11ff
commit
6d56799a6a
1 changed files with 5 additions and 3 deletions
|
@ -57,15 +57,17 @@ struct xcbc_desc_ctx {
|
||||||
u8 ctx[];
|
u8 ctx[];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
#define XCBC_BLOCKSIZE 16
|
||||||
|
|
||||||
static int crypto_xcbc_digest_setkey(struct crypto_shash *parent,
|
static int crypto_xcbc_digest_setkey(struct crypto_shash *parent,
|
||||||
const u8 *inkey, unsigned int keylen)
|
const u8 *inkey, unsigned int keylen)
|
||||||
{
|
{
|
||||||
unsigned long alignmask = crypto_shash_alignmask(parent);
|
unsigned long alignmask = crypto_shash_alignmask(parent);
|
||||||
struct xcbc_tfm_ctx *ctx = crypto_shash_ctx(parent);
|
struct xcbc_tfm_ctx *ctx = crypto_shash_ctx(parent);
|
||||||
int bs = crypto_shash_blocksize(parent);
|
|
||||||
u8 *consts = PTR_ALIGN(&ctx->ctx[0], alignmask + 1);
|
u8 *consts = PTR_ALIGN(&ctx->ctx[0], alignmask + 1);
|
||||||
int err = 0;
|
int err = 0;
|
||||||
u8 key1[bs];
|
u8 key1[XCBC_BLOCKSIZE];
|
||||||
|
int bs = sizeof(key1);
|
||||||
|
|
||||||
if ((err = crypto_cipher_setkey(ctx->child, inkey, keylen)))
|
if ((err = crypto_cipher_setkey(ctx->child, inkey, keylen)))
|
||||||
return err;
|
return err;
|
||||||
|
@ -212,7 +214,7 @@ static int xcbc_create(struct crypto_template *tmpl, struct rtattr **tb)
|
||||||
return PTR_ERR(alg);
|
return PTR_ERR(alg);
|
||||||
|
|
||||||
switch(alg->cra_blocksize) {
|
switch(alg->cra_blocksize) {
|
||||||
case 16:
|
case XCBC_BLOCKSIZE:
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
goto out_put_alg;
|
goto out_put_alg;
|
||||||
|
|
Loading…
Reference in a new issue