From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6B1D7C28CF6 for ; Fri, 3 Aug 2018 16:37:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 1A8CE21777 for ; Fri, 3 Aug 2018 16:37:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="OmPg6ppm" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1A8CE21777 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=chromium.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729612AbeHCSew (ORCPT ); Fri, 3 Aug 2018 14:34:52 -0400 Received: from mail-pg1-f194.google.com ([209.85.215.194]:41232 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727362AbeHCSev (ORCPT ); Fri, 3 Aug 2018 14:34:51 -0400 Received: by mail-pg1-f194.google.com with SMTP id z8-v6so3079565pgu.8 for ; Fri, 03 Aug 2018 09:37:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:mime-version:content-disposition; bh=lsbzl/aTVJqe9yg2zOgT5GvTyvwlhm8GeYPdTfOQU6s=; b=OmPg6ppmxkYcgnsVnRuW/4A0FBNY+vzs8ePsMJ6OHfu3rd2emnvwUV3UIB3UQLwIA6 3/K7aztKBQpy+8whKec8uPJidLx7G1USeTnkcElCzfb0NhEuQ7Ow5/C2hojbyowxhZf7 vpKzEYxPtVWaizoRCS9MZbWOfqERB3DGI1LzU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version :content-disposition; bh=lsbzl/aTVJqe9yg2zOgT5GvTyvwlhm8GeYPdTfOQU6s=; b=uPQLiFlmoSl9fOzkJzR7fpz9A7gohtFbLsb6uwgHPBKIhQwHYPG2J/fTE04yTifsfz NK7DT72trTAfYHG5SNaiT3tUT1Qzpy7b68aTGeaikl1gY2DRHVOKywmmbbevORQjEnwV 5dc18fv661InGMweWgF1EbOV0RfehWlrdeq1o7AoEjcqnLv9GKIH12jW6WmNUOrgSaq/ MfbMrWdoGugi6k2IGsEGlgNLNXqxXNJDs1MpXEoXKH1zwWfqjD26lrRe52qDaIRhwgoB e2rzzl30e5I/hObjAWJbbaQ2gxxbAiz7tfBwI7PqJ/C9HUNTm28d7nFJttuw+FO/hLfc u/Yg== X-Gm-Message-State: AOUpUlHZU3XZCx9hxnlwRt3fiBC6GP52iJUIL53BAqbNzcCFRgLHcjiO kh1LOVKBl5xNQLeseAakyuj6hw== X-Google-Smtp-Source: AAOMgpdDx9BWEChtSz8riujxpWrtmtnovqNTQxPZrEc6OZ2S4NHAuVk07ap4LlhoN9W32kjaVShTyQ== X-Received: by 2002:a62:d842:: with SMTP id e63-v6mr5415959pfg.88.1533314268041; Fri, 03 Aug 2018 09:37:48 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id q10-v6sm7343072pfh.124.2018.08.03.09.37.46 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 03 Aug 2018 09:37:46 -0700 (PDT) Date: Fri, 3 Aug 2018 09:37:45 -0700 From: Kees Cook To: Network Development Cc: Paul Mackerras , linux-ppp@vger.kernel.org, "David S. Miller" , linux-kernel@vger.kernel.org Subject: [PATCH net-next] ppp: mppe: Remove VLA usage Message-ID: <20180803163745.GA45715@beast> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In the quest to remove all stack VLA usage from the kernel[1], this removes the discouraged use of AHASH_REQUEST_ON_STACK (and associated VLA) by switching to shash directly and keeping the associated descriptor allocated with the regular state on the heap. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Signed-off-by: Kees Cook Acked-by: Arnd Bergmann --- Paul suggested this go via netdev directly: https://lkml.kernel.org/r/20180803031315.GA30807@fergus --- drivers/net/ppp/ppp_mppe.c | 56 ++++++++++++++++++++------------------ 1 file changed, 30 insertions(+), 26 deletions(-) diff --git a/drivers/net/ppp/ppp_mppe.c b/drivers/net/ppp/ppp_mppe.c index 6c7fd98cb00a..a205750b431b 100644 --- a/drivers/net/ppp/ppp_mppe.c +++ b/drivers/net/ppp/ppp_mppe.c @@ -96,7 +96,7 @@ static inline void sha_pad_init(struct sha_pad *shapad) */ struct ppp_mppe_state { struct crypto_skcipher *arc4; - struct crypto_ahash *sha1; + struct shash_desc *sha1; unsigned char *sha1_digest; unsigned char master_key[MPPE_MAX_KEY_LEN]; unsigned char session_key[MPPE_MAX_KEY_LEN]; @@ -136,25 +136,16 @@ struct ppp_mppe_state { */ static void get_new_key_from_sha(struct ppp_mppe_state * state) { - AHASH_REQUEST_ON_STACK(req, state->sha1); - struct scatterlist sg[4]; - unsigned int nbytes; - - sg_init_table(sg, 4); - - nbytes = setup_sg(&sg[0], state->master_key, state->keylen); - nbytes += setup_sg(&sg[1], sha_pad->sha_pad1, - sizeof(sha_pad->sha_pad1)); - nbytes += setup_sg(&sg[2], state->session_key, state->keylen); - nbytes += setup_sg(&sg[3], sha_pad->sha_pad2, - sizeof(sha_pad->sha_pad2)); - - ahash_request_set_tfm(req, state->sha1); - ahash_request_set_callback(req, 0, NULL, NULL); - ahash_request_set_crypt(req, sg, state->sha1_digest, nbytes); - - crypto_ahash_digest(req); - ahash_request_zero(req); + crypto_shash_init(state->sha1); + crypto_shash_update(state->sha1, state->master_key, + state->keylen); + crypto_shash_update(state->sha1, sha_pad->sha_pad1, + sizeof(sha_pad->sha_pad1)); + crypto_shash_update(state->sha1, state->session_key, + state->keylen); + crypto_shash_update(state->sha1, sha_pad->sha_pad2, + sizeof(sha_pad->sha_pad2)); + crypto_shash_final(state->sha1, state->sha1_digest); } /* @@ -200,6 +191,7 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) static void *mppe_alloc(unsigned char *options, int optlen) { struct ppp_mppe_state *state; + struct crypto_shash *shash; unsigned int digestsize; if (optlen != CILEN_MPPE + sizeof(state->master_key) || @@ -217,13 +209,21 @@ static void *mppe_alloc(unsigned char *options, int optlen) goto out_free; } - state->sha1 = crypto_alloc_ahash("sha1", 0, CRYPTO_ALG_ASYNC); - if (IS_ERR(state->sha1)) { - state->sha1 = NULL; + shash = crypto_alloc_shash("sha1", 0, 0); + if (IS_ERR(shash)) + goto out_free; + + state->sha1 = kmalloc(sizeof(*state->sha1) + + crypto_shash_descsize(shash), + GFP_KERNEL); + if (!state->sha1) { + crypto_free_shash(shash); goto out_free; } + state->sha1->tfm = shash; + state->sha1->flags = 0; - digestsize = crypto_ahash_digestsize(state->sha1); + digestsize = crypto_shash_digestsize(shash); if (digestsize < MPPE_MAX_KEY_LEN) goto out_free; @@ -246,7 +246,10 @@ static void *mppe_alloc(unsigned char *options, int optlen) out_free: kfree(state->sha1_digest); - crypto_free_ahash(state->sha1); + if (state->sha1) { + crypto_free_shash(state->sha1->tfm); + kzfree(state->sha1); + } crypto_free_skcipher(state->arc4); kfree(state); out: @@ -261,7 +264,8 @@ static void mppe_free(void *arg) struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; if (state) { kfree(state->sha1_digest); - crypto_free_ahash(state->sha1); + crypto_free_shash(state->sha1->tfm); + kzfree(state->sha1); crypto_free_skcipher(state->arc4); kfree(state); } -- 2.17.1 -- Kees Cook Pixel Security